From 4805276d245bc1e3ab67c92eb3a1bcdfc3ef955e Mon Sep 17 00:00:00 2001 From: Daniel Rogers Date: Fri, 6 Sep 2024 17:26:39 -0700 Subject: [PATCH] Build crossplane from helm package Crossplane unfortunately doesn't have packaged CRDs, so you can't just read them out of the helm repository. Instead this creates a cluster with kind, then installs the helm chart, then dumps all crds that helm chart created, then deletes the cluster. Right now this dumps all the CRDs, but for a more complex use case, you can install all the dependencies first, then check what CRDs are created, then install the target package, then dump the crds, ignore those that already existed. Example of how to run the command: bash -x scripts/helm_to_kcl.sh https://charts.crossplane.io/stable/crossplane-1.17.0.tgz crossplane v1.17.0 Signed-off-by: Daniel Rogers --- crossplane/README.md | 1180 +- .../crossplane.yaml} | 22584 +++++++++++----- crossplane/kcl.mod.lock | 4 - ...iextensions_crossplane_io_v1_composition.k | 33 +- ...ns_crossplane_io_v1_composition_revision.k | 31 +- .../meta_pkg_crossplane_io_v1_configuration.k | 91 - .../v1/meta_pkg_crossplane_io_v1_provider.k | 149 - .../pkg_crossplane_io_v1_function.k} | 40 +- .../pkg_crossplane_io_v1_function_revision.k} | 52 +- ...m_crossplane_io_v1alpha1_provider_config.k | 277 - ...splane_io_v1alpha1_provider_config_usage.k | 105 - .../helm_crossplane_io_v1alpha1_release.k | 666 - .../nop_crossplane_io_v1alpha1_nop_resource.k | 369 - ...crossplane_io_v1alpha1_controller_config.k | 157 +- ...lm_crossplane_io_v1beta1_provider_config.k | 277 - .../helm_crossplane_io_v1beta1_release.k | 749 - ...ane_io_v1beta1_deployment_runtime_config.k | 290 +- scripts/helm_to_kcl.sh | 69 + 18 files changed, 16553 insertions(+), 10570 deletions(-) rename crossplane/{crossplane@v1.16.0 => crds/crossplane.yaml} (58%) delete mode 100644 crossplane/v1/meta_pkg_crossplane_io_v1_configuration.k delete mode 100644 crossplane/v1/meta_pkg_crossplane_io_v1_provider.k rename crossplane/{v1beta1/pkg_crossplane_io_v1beta1_function.k => v1/pkg_crossplane_io_v1_function.k} (82%) rename crossplane/{v1beta1/pkg_crossplane_io_v1beta1_function_revision.k => v1/pkg_crossplane_io_v1_function_revision.k} (81%) delete mode 100644 crossplane/v1alpha1/helm_crossplane_io_v1alpha1_provider_config.k delete mode 100644 crossplane/v1alpha1/helm_crossplane_io_v1alpha1_provider_config_usage.k delete mode 100644 crossplane/v1alpha1/helm_crossplane_io_v1alpha1_release.k delete mode 100644 crossplane/v1alpha1/nop_crossplane_io_v1alpha1_nop_resource.k delete mode 100644 crossplane/v1beta1/helm_crossplane_io_v1beta1_provider_config.k delete mode 100644 crossplane/v1beta1/helm_crossplane_io_v1beta1_release.k create mode 100755 scripts/helm_to_kcl.sh diff --git a/crossplane/README.md b/crossplane/README.md index fcb3c5f3..397e7f2d 100644 --- a/crossplane/README.md +++ b/crossplane/README.md @@ -1,7 +1,13 @@ -# crossplane@v1.15.2 +# crossplane ## Index +- meta + - v1beta1 + - [Function](#function) + - [MetaPkgCrossplaneIoV1beta1FunctionSpec](#metapkgcrossplaneiov1beta1functionspec) + - [MetaPkgCrossplaneIoV1beta1FunctionSpecCrossplane](#metapkgcrossplaneiov1beta1functionspeccrossplane) + - [MetaPkgCrossplaneIoV1beta1FunctionSpecDependsOnItems0](#metapkgcrossplaneiov1beta1functionspecdependsonitems0) - v1 - [ApiextensionsCrossplaneIoV1CompositeResourceDefinitionSpec](#apiextensionscrossplaneiov1compositeresourcedefinitionspec) - [ApiextensionsCrossplaneIoV1CompositeResourceDefinitionSpecClaimNames](#apiextensionscrossplaneiov1compositeresourcedefinitionspecclaimnames) @@ -59,6 +65,8 @@ - [ApiextensionsCrossplaneIoV1CompositionRevisionSpecPatchSetsItems0PatchesItems0TransformsItems0StringJoin](#apiextensionscrossplaneiov1compositionrevisionspecpatchsetsitems0patchesitems0transformsitems0stringjoin) - [ApiextensionsCrossplaneIoV1CompositionRevisionSpecPatchSetsItems0PatchesItems0TransformsItems0StringRegexp](#apiextensionscrossplaneiov1compositionrevisionspecpatchsetsitems0patchesitems0transformsitems0stringregexp) - [ApiextensionsCrossplaneIoV1CompositionRevisionSpecPipelineItems0](#apiextensionscrossplaneiov1compositionrevisionspecpipelineitems0) + - [ApiextensionsCrossplaneIoV1CompositionRevisionSpecPipelineItems0CredentialsItems0](#apiextensionscrossplaneiov1compositionrevisionspecpipelineitems0credentialsitems0) + - [ApiextensionsCrossplaneIoV1CompositionRevisionSpecPipelineItems0CredentialsItems0SecretRef](#apiextensionscrossplaneiov1compositionrevisionspecpipelineitems0credentialsitems0secretref) - [ApiextensionsCrossplaneIoV1CompositionRevisionSpecPipelineItems0FunctionRef](#apiextensionscrossplaneiov1compositionrevisionspecpipelineitems0functionref) - [ApiextensionsCrossplaneIoV1CompositionRevisionSpecPublishConnectionDetailsWithStoreConfigRef](#apiextensionscrossplaneiov1compositionrevisionspecpublishconnectiondetailswithstoreconfigref) - [ApiextensionsCrossplaneIoV1CompositionRevisionSpecResourcesItems0](#apiextensionscrossplaneiov1compositionrevisionspecresourcesitems0) @@ -119,6 +127,8 @@ - [ApiextensionsCrossplaneIoV1CompositionSpecPatchSetsItems0PatchesItems0TransformsItems0StringJoin](#apiextensionscrossplaneiov1compositionspecpatchsetsitems0patchesitems0transformsitems0stringjoin) - [ApiextensionsCrossplaneIoV1CompositionSpecPatchSetsItems0PatchesItems0TransformsItems0StringRegexp](#apiextensionscrossplaneiov1compositionspecpatchsetsitems0patchesitems0transformsitems0stringregexp) - [ApiextensionsCrossplaneIoV1CompositionSpecPipelineItems0](#apiextensionscrossplaneiov1compositionspecpipelineitems0) + - [ApiextensionsCrossplaneIoV1CompositionSpecPipelineItems0CredentialsItems0](#apiextensionscrossplaneiov1compositionspecpipelineitems0credentialsitems0) + - [ApiextensionsCrossplaneIoV1CompositionSpecPipelineItems0CredentialsItems0SecretRef](#apiextensionscrossplaneiov1compositionspecpipelineitems0credentialsitems0secretref) - [ApiextensionsCrossplaneIoV1CompositionSpecPipelineItems0FunctionRef](#apiextensionscrossplaneiov1compositionspecpipelineitems0functionref) - [ApiextensionsCrossplaneIoV1CompositionSpecPublishConnectionDetailsWithStoreConfigRef](#apiextensionscrossplaneiov1compositionspecpublishconnectiondetailswithstoreconfigref) - [ApiextensionsCrossplaneIoV1CompositionSpecResourcesItems0](#apiextensionscrossplaneiov1compositionspecresourcesitems0) @@ -144,14 +154,8 @@ - [CompositionRevision](#compositionrevision) - [Configuration](#configuration) - [ConfigurationRevision](#configurationrevision) - - [MetaPkgCrossplaneIoV1ConfigurationSpec](#metapkgcrossplaneiov1configurationspec) - - [MetaPkgCrossplaneIoV1ConfigurationSpecCrossplane](#metapkgcrossplaneiov1configurationspeccrossplane) - - [MetaPkgCrossplaneIoV1ConfigurationSpecDependsOnItems0](#metapkgcrossplaneiov1configurationspecdependsonitems0) - - [MetaPkgCrossplaneIoV1ProviderSpec](#metapkgcrossplaneiov1providerspec) - - [MetaPkgCrossplaneIoV1ProviderSpecController](#metapkgcrossplaneiov1providerspeccontroller) - - [MetaPkgCrossplaneIoV1ProviderSpecControllerPermissionRequestsItems0](#metapkgcrossplaneiov1providerspeccontrollerpermissionrequestsitems0) - - [MetaPkgCrossplaneIoV1ProviderSpecCrossplane](#metapkgcrossplaneiov1providerspeccrossplane) - - [MetaPkgCrossplaneIoV1ProviderSpecDependsOnItems0](#metapkgcrossplaneiov1providerspecdependsonitems0) + - [Function](#function) + - [FunctionRevision](#functionrevision) - [PkgCrossplaneIoV1ConfigurationRevisionSpec](#pkgcrossplaneiov1configurationrevisionspec) - [PkgCrossplaneIoV1ConfigurationRevisionSpecPackagePullSecretsItems0](#pkgcrossplaneiov1configurationrevisionspecpackagepullsecretsitems0) - [PkgCrossplaneIoV1ConfigurationRevisionStatus](#pkgcrossplaneiov1configurationrevisionstatus) @@ -162,6 +166,20 @@ - [PkgCrossplaneIoV1ConfigurationSpecPackagePullSecretsItems0](#pkgcrossplaneiov1configurationspecpackagepullsecretsitems0) - [PkgCrossplaneIoV1ConfigurationStatus](#pkgcrossplaneiov1configurationstatus) - [PkgCrossplaneIoV1ConfigurationStatusConditionsItems0](#pkgcrossplaneiov1configurationstatusconditionsitems0) + - [PkgCrossplaneIoV1FunctionRevisionSpec](#pkgcrossplaneiov1functionrevisionspec) + - [PkgCrossplaneIoV1FunctionRevisionSpecControllerConfigRef](#pkgcrossplaneiov1functionrevisionspeccontrollerconfigref) + - [PkgCrossplaneIoV1FunctionRevisionSpecPackagePullSecretsItems0](#pkgcrossplaneiov1functionrevisionspecpackagepullsecretsitems0) + - [PkgCrossplaneIoV1FunctionRevisionSpecRuntimeConfigRef](#pkgcrossplaneiov1functionrevisionspecruntimeconfigref) + - [PkgCrossplaneIoV1FunctionRevisionStatus](#pkgcrossplaneiov1functionrevisionstatus) + - [PkgCrossplaneIoV1FunctionRevisionStatusConditionsItems0](#pkgcrossplaneiov1functionrevisionstatusconditionsitems0) + - [PkgCrossplaneIoV1FunctionRevisionStatusObjectRefsItems0](#pkgcrossplaneiov1functionrevisionstatusobjectrefsitems0) + - [PkgCrossplaneIoV1FunctionRevisionStatusPermissionRequestsItems0](#pkgcrossplaneiov1functionrevisionstatuspermissionrequestsitems0) + - [PkgCrossplaneIoV1FunctionSpec](#pkgcrossplaneiov1functionspec) + - [PkgCrossplaneIoV1FunctionSpecControllerConfigRef](#pkgcrossplaneiov1functionspeccontrollerconfigref) + - [PkgCrossplaneIoV1FunctionSpecPackagePullSecretsItems0](#pkgcrossplaneiov1functionspecpackagepullsecretsitems0) + - [PkgCrossplaneIoV1FunctionSpecRuntimeConfigRef](#pkgcrossplaneiov1functionspecruntimeconfigref) + - [PkgCrossplaneIoV1FunctionStatus](#pkgcrossplaneiov1functionstatus) + - [PkgCrossplaneIoV1FunctionStatusConditionsItems0](#pkgcrossplaneiov1functionstatusconditionsitems0) - [PkgCrossplaneIoV1ProviderRevisionSpec](#pkgcrossplaneiov1providerrevisionspec) - [PkgCrossplaneIoV1ProviderRevisionSpecControllerConfigRef](#pkgcrossplaneiov1providerrevisionspeccontrollerconfigref) - [PkgCrossplaneIoV1ProviderRevisionSpecPackagePullSecretsItems0](#pkgcrossplaneiov1providerrevisionspecpackagepullsecretsitems0) @@ -190,34 +208,6 @@ - [ApiextensionsCrossplaneIoV1alpha1UsageStatusConditionsItems0](#apiextensionscrossplaneiov1alpha1usagestatusconditionsitems0) - [ControllerConfig](#controllerconfig) - [EnvironmentConfig](#environmentconfig) - - [HelmCrossplaneIoV1alpha1ProviderConfigSpec](#helmcrossplaneiov1alpha1providerconfigspec) - - [HelmCrossplaneIoV1alpha1ProviderConfigSpecCredentials](#helmcrossplaneiov1alpha1providerconfigspeccredentials) - - [HelmCrossplaneIoV1alpha1ProviderConfigSpecCredentialsEnv](#helmcrossplaneiov1alpha1providerconfigspeccredentialsenv) - - [HelmCrossplaneIoV1alpha1ProviderConfigSpecCredentialsFs](#helmcrossplaneiov1alpha1providerconfigspeccredentialsfs) - - [HelmCrossplaneIoV1alpha1ProviderConfigSpecCredentialsSecretRef](#helmcrossplaneiov1alpha1providerconfigspeccredentialssecretref) - - [HelmCrossplaneIoV1alpha1ProviderConfigSpecIdentity](#helmcrossplaneiov1alpha1providerconfigspecidentity) - - [HelmCrossplaneIoV1alpha1ProviderConfigSpecIdentityEnv](#helmcrossplaneiov1alpha1providerconfigspecidentityenv) - - [HelmCrossplaneIoV1alpha1ProviderConfigSpecIdentityFs](#helmcrossplaneiov1alpha1providerconfigspecidentityfs) - - [HelmCrossplaneIoV1alpha1ProviderConfigSpecIdentitySecretRef](#helmcrossplaneiov1alpha1providerconfigspecidentitysecretref) - - [HelmCrossplaneIoV1alpha1ProviderConfigStatus](#helmcrossplaneiov1alpha1providerconfigstatus) - - [HelmCrossplaneIoV1alpha1ProviderConfigStatusConditionsItems0](#helmcrossplaneiov1alpha1providerconfigstatusconditionsitems0) - - [NopCrossplaneIoV1alpha1NopResourceSpec](#nopcrossplaneiov1alpha1nopresourcespec) - - [NopCrossplaneIoV1alpha1NopResourceSpecForProvider](#nopcrossplaneiov1alpha1nopresourcespecforprovider) - - [NopCrossplaneIoV1alpha1NopResourceSpecForProviderConditionAfterItems0](#nopcrossplaneiov1alpha1nopresourcespecforproviderconditionafteritems0) - - [NopCrossplaneIoV1alpha1NopResourceSpecForProviderConnectionDetailsItems0](#nopcrossplaneiov1alpha1nopresourcespecforproviderconnectiondetailsitems0) - - [NopCrossplaneIoV1alpha1NopResourceSpecProviderConfigRef](#nopcrossplaneiov1alpha1nopresourcespecproviderconfigref) - - [NopCrossplaneIoV1alpha1NopResourceSpecProviderConfigRefPolicy](#nopcrossplaneiov1alpha1nopresourcespecproviderconfigrefpolicy) - - [NopCrossplaneIoV1alpha1NopResourceSpecProviderRef](#nopcrossplaneiov1alpha1nopresourcespecproviderref) - - [NopCrossplaneIoV1alpha1NopResourceSpecProviderRefPolicy](#nopcrossplaneiov1alpha1nopresourcespecproviderrefpolicy) - - [NopCrossplaneIoV1alpha1NopResourceSpecPublishConnectionDetailsTo](#nopcrossplaneiov1alpha1nopresourcespecpublishconnectiondetailsto) - - [NopCrossplaneIoV1alpha1NopResourceSpecPublishConnectionDetailsToConfigRef](#nopcrossplaneiov1alpha1nopresourcespecpublishconnectiondetailstoconfigref) - - [NopCrossplaneIoV1alpha1NopResourceSpecPublishConnectionDetailsToConfigRefPolicy](#nopcrossplaneiov1alpha1nopresourcespecpublishconnectiondetailstoconfigrefpolicy) - - [NopCrossplaneIoV1alpha1NopResourceSpecPublishConnectionDetailsToMetadata](#nopcrossplaneiov1alpha1nopresourcespecpublishconnectiondetailstometadata) - - [NopCrossplaneIoV1alpha1NopResourceSpecWriteConnectionSecretToRef](#nopcrossplaneiov1alpha1nopresourcespecwriteconnectionsecrettoref) - - [NopCrossplaneIoV1alpha1NopResourceStatus](#nopcrossplaneiov1alpha1nopresourcestatus) - - [NopCrossplaneIoV1alpha1NopResourceStatusAtProvider](#nopcrossplaneiov1alpha1nopresourcestatusatprovider) - - [NopCrossplaneIoV1alpha1NopResourceStatusConditionsItems0](#nopcrossplaneiov1alpha1nopresourcestatusconditionsitems0) - - [NopResource](#nopresource) - [PkgCrossplaneIoV1alpha1ControllerConfigSpec](#pkgcrossplaneiov1alpha1controllerconfigspec) - [PkgCrossplaneIoV1alpha1ControllerConfigSpecAffinity](#pkgcrossplaneiov1alpha1controllerconfigspecaffinity) - [PkgCrossplaneIoV1alpha1ControllerConfigSpecAffinityNodeAffinity](#pkgcrossplaneiov1alpha1controllerconfigspecaffinitynodeaffinity) @@ -265,6 +255,7 @@ - [PkgCrossplaneIoV1alpha1ControllerConfigSpecImagePullSecretsItems0](#pkgcrossplaneiov1alpha1controllerconfigspecimagepullsecretsitems0) - [PkgCrossplaneIoV1alpha1ControllerConfigSpecMetadata](#pkgcrossplaneiov1alpha1controllerconfigspecmetadata) - [PkgCrossplaneIoV1alpha1ControllerConfigSpecPodSecurityContext](#pkgcrossplaneiov1alpha1controllerconfigspecpodsecuritycontext) + - [PkgCrossplaneIoV1alpha1ControllerConfigSpecPodSecurityContextAppArmorProfile](#pkgcrossplaneiov1alpha1controllerconfigspecpodsecuritycontextapparmorprofile) - [PkgCrossplaneIoV1alpha1ControllerConfigSpecPodSecurityContextSeLinuxOptions](#pkgcrossplaneiov1alpha1controllerconfigspecpodsecuritycontextselinuxoptions) - [PkgCrossplaneIoV1alpha1ControllerConfigSpecPodSecurityContextSeccompProfile](#pkgcrossplaneiov1alpha1controllerconfigspecpodsecuritycontextseccompprofile) - [PkgCrossplaneIoV1alpha1ControllerConfigSpecPodSecurityContextSysctlsItems0](#pkgcrossplaneiov1alpha1controllerconfigspecpodsecuritycontextsysctlsitems0) @@ -273,6 +264,7 @@ - [PkgCrossplaneIoV1alpha1ControllerConfigSpecResources](#pkgcrossplaneiov1alpha1controllerconfigspecresources) - [PkgCrossplaneIoV1alpha1ControllerConfigSpecResourcesClaimsItems0](#pkgcrossplaneiov1alpha1controllerconfigspecresourcesclaimsitems0) - [PkgCrossplaneIoV1alpha1ControllerConfigSpecSecurityContext](#pkgcrossplaneiov1alpha1controllerconfigspecsecuritycontext) + - [PkgCrossplaneIoV1alpha1ControllerConfigSpecSecurityContextAppArmorProfile](#pkgcrossplaneiov1alpha1controllerconfigspecsecuritycontextapparmorprofile) - [PkgCrossplaneIoV1alpha1ControllerConfigSpecSecurityContextCapabilities](#pkgcrossplaneiov1alpha1controllerconfigspecsecuritycontextcapabilities) - [PkgCrossplaneIoV1alpha1ControllerConfigSpecSecurityContextSeLinuxOptions](#pkgcrossplaneiov1alpha1controllerconfigspecsecuritycontextselinuxoptions) - [PkgCrossplaneIoV1alpha1ControllerConfigSpecSecurityContextSeccompProfile](#pkgcrossplaneiov1alpha1controllerconfigspecsecuritycontextseccompprofile) @@ -343,7 +335,6 @@ - [PkgCrossplaneIoV1alpha1ControllerConfigSpecVolumesItems0Storageos](#pkgcrossplaneiov1alpha1controllerconfigspecvolumesitems0storageos) - [PkgCrossplaneIoV1alpha1ControllerConfigSpecVolumesItems0StorageosSecretRef](#pkgcrossplaneiov1alpha1controllerconfigspecvolumesitems0storageossecretref) - [PkgCrossplaneIoV1alpha1ControllerConfigSpecVolumesItems0VsphereVolume](#pkgcrossplaneiov1alpha1controllerconfigspecvolumesitems0vspherevolume) - - [ProviderConfig](#providerconfig) - [SecretsCrossplaneIoV1alpha1StoreConfigSpec](#secretscrossplaneiov1alpha1storeconfigspec) - [SecretsCrossplaneIoV1alpha1StoreConfigSpecKubernetes](#secretscrossplaneiov1alpha1storeconfigspeckubernetes) - [SecretsCrossplaneIoV1alpha1StoreConfigSpecKubernetesAuth](#secretscrossplaneiov1alpha1storeconfigspeckubernetesauth) @@ -356,12 +347,7 @@ - [Usage](#usage) - v1beta1 - [DeploymentRuntimeConfig](#deploymentruntimeconfig) - - [Function](#function) - - [FunctionRevision](#functionrevision) - [Lock](#lock) - - [MetaPkgCrossplaneIoV1beta1FunctionSpec](#metapkgcrossplaneiov1beta1functionspec) - - [MetaPkgCrossplaneIoV1beta1FunctionSpecCrossplane](#metapkgcrossplaneiov1beta1functionspeccrossplane) - - [MetaPkgCrossplaneIoV1beta1FunctionSpecDependsOnItems0](#metapkgcrossplaneiov1beta1functionspecdependsonitems0) - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpec](#pkgcrossplaneiov1beta1deploymentruntimeconfigspec) - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplate](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplate) - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateMetadata](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatemetadata) @@ -447,6 +433,7 @@ - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecContainersItems0Resources](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespeccontainersitems0resources) - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecContainersItems0ResourcesClaimsItems0](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespeccontainersitems0resourcesclaimsitems0) - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecContainersItems0SecurityContext](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespeccontainersitems0securitycontext) + - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecContainersItems0SecurityContextAppArmorProfile](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespeccontainersitems0securitycontextapparmorprofile) - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecContainersItems0SecurityContextCapabilities](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespeccontainersitems0securitycontextcapabilities) - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecContainersItems0SecurityContextSeLinuxOptions](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespeccontainersitems0securitycontextselinuxoptions) - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecContainersItems0SecurityContextSeccompProfile](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespeccontainersitems0securitycontextseccompprofile) @@ -501,6 +488,7 @@ - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecEphemeralContainersItems0Resources](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecephemeralcontainersitems0resources) - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecEphemeralContainersItems0ResourcesClaimsItems0](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecephemeralcontainersitems0resourcesclaimsitems0) - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecEphemeralContainersItems0SecurityContext](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecephemeralcontainersitems0securitycontext) + - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecEphemeralContainersItems0SecurityContextAppArmorProfile](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecephemeralcontainersitems0securitycontextapparmorprofile) - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecEphemeralContainersItems0SecurityContextCapabilities](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecephemeralcontainersitems0securitycontextcapabilities) - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecEphemeralContainersItems0SecurityContextSeLinuxOptions](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecephemeralcontainersitems0securitycontextselinuxoptions) - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecEphemeralContainersItems0SecurityContextSeccompProfile](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecephemeralcontainersitems0securitycontextseccompprofile) @@ -555,6 +543,7 @@ - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecInitContainersItems0Resources](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecinitcontainersitems0resources) - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecInitContainersItems0ResourcesClaimsItems0](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecinitcontainersitems0resourcesclaimsitems0) - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecInitContainersItems0SecurityContext](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecinitcontainersitems0securitycontext) + - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecInitContainersItems0SecurityContextAppArmorProfile](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecinitcontainersitems0securitycontextapparmorprofile) - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecInitContainersItems0SecurityContextCapabilities](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecinitcontainersitems0securitycontextcapabilities) - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecInitContainersItems0SecurityContextSeLinuxOptions](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecinitcontainersitems0securitycontextselinuxoptions) - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecInitContainersItems0SecurityContextSeccompProfile](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecinitcontainersitems0securitycontextseccompprofile) @@ -573,6 +562,7 @@ - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecResourceClaimsItems0Source](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecresourceclaimsitems0source) - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecSchedulingGatesItems0](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecschedulinggatesitems0) - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecSecurityContext](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecsecuritycontext) + - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecSecurityContextAppArmorProfile](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecsecuritycontextapparmorprofile) - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecSecurityContextSeLinuxOptions](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecsecuritycontextselinuxoptions) - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecSecurityContextSeccompProfile](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecsecuritycontextseccompprofile) - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecSecurityContextSysctlsItems0](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecsecuritycontextsysctlsitems0) @@ -649,25 +639,55 @@ - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecServiceAccountTemplateMetadata](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecserviceaccounttemplatemetadata) - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecServiceTemplate](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecservicetemplate) - [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecServiceTemplateMetadata](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecservicetemplatemetadata) - - [PkgCrossplaneIoV1beta1FunctionRevisionSpec](#pkgcrossplaneiov1beta1functionrevisionspec) - - [PkgCrossplaneIoV1beta1FunctionRevisionSpecControllerConfigRef](#pkgcrossplaneiov1beta1functionrevisionspeccontrollerconfigref) - - [PkgCrossplaneIoV1beta1FunctionRevisionSpecPackagePullSecretsItems0](#pkgcrossplaneiov1beta1functionrevisionspecpackagepullsecretsitems0) - - [PkgCrossplaneIoV1beta1FunctionRevisionSpecRuntimeConfigRef](#pkgcrossplaneiov1beta1functionrevisionspecruntimeconfigref) - - [PkgCrossplaneIoV1beta1FunctionRevisionStatus](#pkgcrossplaneiov1beta1functionrevisionstatus) - - [PkgCrossplaneIoV1beta1FunctionRevisionStatusConditionsItems0](#pkgcrossplaneiov1beta1functionrevisionstatusconditionsitems0) - - [PkgCrossplaneIoV1beta1FunctionRevisionStatusObjectRefsItems0](#pkgcrossplaneiov1beta1functionrevisionstatusobjectrefsitems0) - - [PkgCrossplaneIoV1beta1FunctionRevisionStatusPermissionRequestsItems0](#pkgcrossplaneiov1beta1functionrevisionstatuspermissionrequestsitems0) - - [PkgCrossplaneIoV1beta1FunctionSpec](#pkgcrossplaneiov1beta1functionspec) - - [PkgCrossplaneIoV1beta1FunctionSpecControllerConfigRef](#pkgcrossplaneiov1beta1functionspeccontrollerconfigref) - - [PkgCrossplaneIoV1beta1FunctionSpecPackagePullSecretsItems0](#pkgcrossplaneiov1beta1functionspecpackagepullsecretsitems0) - - [PkgCrossplaneIoV1beta1FunctionSpecRuntimeConfigRef](#pkgcrossplaneiov1beta1functionspecruntimeconfigref) - - [PkgCrossplaneIoV1beta1FunctionStatus](#pkgcrossplaneiov1beta1functionstatus) - - [PkgCrossplaneIoV1beta1FunctionStatusConditionsItems0](#pkgcrossplaneiov1beta1functionstatusconditionsitems0) - [PkgCrossplaneIoV1beta1LockPackagesItems0](#pkgcrossplaneiov1beta1lockpackagesitems0) - [PkgCrossplaneIoV1beta1LockPackagesItems0DependenciesItems0](#pkgcrossplaneiov1beta1lockpackagesitems0dependenciesitems0) ## Schemas +### Function + +A Function is the description of a Crossplane Function package. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**apiVersion** `required` `readOnly`|"meta.pkg.crossplane.io/v1beta1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"meta.pkg.crossplane.io/v1beta1"| +|**kind** `required` `readOnly`|"Function"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"Function"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec** `required`|[MetaPkgCrossplaneIoV1beta1FunctionSpec](#metapkgcrossplaneiov1beta1functionspec)|spec|| +### MetaPkgCrossplaneIoV1beta1FunctionSpec + +FunctionSpec specifies the configuration of a Function. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**crossplane**|[MetaPkgCrossplaneIoV1beta1FunctionSpecCrossplane](#metapkgcrossplaneiov1beta1functionspeccrossplane)|crossplane|| +|**dependsOn**|[[MetaPkgCrossplaneIoV1beta1FunctionSpecDependsOnItems0](#metapkgcrossplaneiov1beta1functionspecdependsonitems0)]|Dependencies on other packages.|| +|**image**|str|Image is the packaged Function image.|| +### MetaPkgCrossplaneIoV1beta1FunctionSpecCrossplane + +Semantic version constraints of Crossplane that package is compatible with. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**version** `required`|str|Semantic version constraints of Crossplane that package is compatible with.|| +### MetaPkgCrossplaneIoV1beta1FunctionSpecDependsOnItems0 + +Dependency is a dependency on another package. One of Provider or Configuration may be supplied. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**configuration**|str|Configuration is the name of a Configuration package image.|| +|**function**|str|Function is the name of a Function package image.|| +|**provider**|str|Provider is the name of a Provider package image.|| +|**version** `required`|str|Version is the semantic version constraints of the dependency image.|| ### ApiextensionsCrossplaneIoV1CompositeResourceDefinitionSpec CompositeResourceDefinitionSpec specifies the desired state of the definition. @@ -844,6 +864,7 @@ A Condition that may apply to a resource. | --- | --- | --- | --- | |**lastTransitionTime** `required`|str|LastTransitionTime is the last time this condition transitioned from one
status to another.|| |**message**|str|A Message containing details about this condition's last transition from
one status to another, if any.|| +|**observedGeneration**|int|ObservedGeneration represents the .metadata.generation that the condition was set based upon.
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
with respect to the current state of the instance.|| |**reason** `required`|str|A Reason for this condition's last transition from one status to another.|| |**status** `required`|str|Status of this condition; is it currently True, False, or Unknown?|| |**type** `required`|str||| @@ -887,11 +908,11 @@ CompositionRevisionSpec specifies the desired state of the composition revision. | --- | --- | --- | --- | |**compositeTypeRef** `required`|[ApiextensionsCrossplaneIoV1CompositionRevisionSpecCompositeTypeRef](#apiextensionscrossplaneiov1compositionrevisionspeccompositetyperef)|composite type ref|| |**environment**|[ApiextensionsCrossplaneIoV1CompositionRevisionSpecEnvironment](#apiextensionscrossplaneiov1compositionrevisionspecenvironment)|environment|| -|**mode**|"Resources" | "Pipeline"|Mode controls what type or "mode" of Composition will be used.

"Resources" (the default) indicates that a Composition uses what is
commonly referred to as "Patch & Transform" or P&T composition. This mode
of Composition uses an array of resources, each a template for a composed
resource.

"Pipeline" indicates that a Composition specifies a pipeline
of Composition Functions, each of which is responsible for producing
composed resources that Crossplane should create or update. THE PIPELINE
MODE IS A BETA FEATURE. It is not honored if the relevant Crossplane
feature flag is disabled.|"Resources"| -|**patchSets**|[[ApiextensionsCrossplaneIoV1CompositionRevisionSpecPatchSetsItems0](#apiextensionscrossplaneiov1compositionrevisionspecpatchsetsitems0)]|PatchSets define a named set of patches that may be included by any
resource in this Composition. PatchSets cannot themselves refer to other
PatchSets.

PatchSets are only used by the "Resources" mode of Composition. They
are ignored by other modes.|| -|**pipeline**|[[ApiextensionsCrossplaneIoV1CompositionRevisionSpecPipelineItems0](#apiextensionscrossplaneiov1compositionrevisionspecpipelineitems0)]|Pipeline is a list of composition function steps that will be used when a
composite resource referring to this composition is created. One of
resources and pipeline must be specified - you cannot specify both.

The Pipeline is only used by the "Pipeline" mode of Composition. It is
ignored by other modes.

THIS IS A BETA FIELD. It is not honored if the relevant Crossplane
feature flag is disabled.|| +|**mode**|"Resources" | "Pipeline"|Mode controls what type or "mode" of Composition will be used.

"Pipeline" indicates that a Composition specifies a pipeline of
Composition Functions, each of which is responsible for producing
composed resources that Crossplane should create or update.

"Resources" indicates that a Composition uses what is commonly referred
to as "Patch & Transform" or P&T composition. This mode of Composition
uses an array of resources, each a template for a composed resource.

All Compositions should use Pipeline mode. Resources mode is deprecated.
Resources mode won't be removed in Crossplane 1.x, and will remain the
default to avoid breaking legacy Compositions. However, it's no longer
accepting new features, and only accepting security related bug fixes.|"Resources"| +|**patchSets**|[[ApiextensionsCrossplaneIoV1CompositionRevisionSpecPatchSetsItems0](#apiextensionscrossplaneiov1compositionrevisionspecpatchsetsitems0)]|PatchSets define a named set of patches that may be included by any
resource in this Composition. PatchSets cannot themselves refer to other
PatchSets.

PatchSets are only used by the "Resources" mode of Composition. They
are ignored by other modes.

Deprecated: Use Composition Functions instead.|| +|**pipeline**|[[ApiextensionsCrossplaneIoV1CompositionRevisionSpecPipelineItems0](#apiextensionscrossplaneiov1compositionrevisionspecpipelineitems0)]|Pipeline is a list of composition function steps that will be used when a
composite resource referring to this composition is created. One of
resources and pipeline must be specified - you cannot specify both.

The Pipeline is only used by the "Pipeline" mode of Composition. It is
ignored by other modes.|| |**publishConnectionDetailsWithStoreConfigRef**|[ApiextensionsCrossplaneIoV1CompositionRevisionSpecPublishConnectionDetailsWithStoreConfigRef](#apiextensionscrossplaneiov1compositionrevisionspecpublishconnectiondetailswithstoreconfigref)|publish connection details with store config ref|| -|**resources**|[[ApiextensionsCrossplaneIoV1CompositionRevisionSpecResourcesItems0](#apiextensionscrossplaneiov1compositionrevisionspecresourcesitems0)]|Resources is a list of resource templates that will be used when a
composite resource referring to this composition is created.

Resources are only used by the "Resources" mode of Composition. They are
ignored by other modes.|| +|**resources**|[[ApiextensionsCrossplaneIoV1CompositionRevisionSpecResourcesItems0](#apiextensionscrossplaneiov1compositionrevisionspecresourcesitems0)]|Resources is a list of resource templates that will be used when a
composite resource referring to this composition is created.

Resources are only used by the "Resources" mode of Composition. They are
ignored by other modes.

Deprecated: Use Composition Functions instead.|| |**revision** `required`|int|Revision number. Newer revisions have larger numbers.|| |**writeConnectionSecretsToNamespace**|str|WriteConnectionSecretsToNamespace specifies the namespace in which the
connection secrets of composite resource dynamically provisioned using
this composition will be created.
This field is planned to be replaced in a future release in favor of
PublishConnectionDetailsWithStoreConfigRef. Currently, both could be
set independently and connection details would be published to both
without affecting each other as long as related fields at MR level
specified.|| ### ApiextensionsCrossplaneIoV1CompositionRevisionSpecCompositeTypeRef @@ -1017,7 +1038,7 @@ Policy configures the specifics of patching behaviour. |**mergeOptions**|[ApiextensionsCrossplaneIoV1CompositionRevisionSpecEnvironmentPatchesItems0PolicyMergeOptions](#apiextensionscrossplaneiov1compositionrevisionspecenvironmentpatchesitems0policymergeoptions)|merge options|| ### ApiextensionsCrossplaneIoV1CompositionRevisionSpecEnvironmentPatchesItems0PolicyMergeOptions -MergeOptions Specifies merge options on a field path +MergeOptions Specifies merge options on a field path. #### Attributes @@ -1193,7 +1214,7 @@ Policy configures the specifics of patching behaviour. |**mergeOptions**|[ApiextensionsCrossplaneIoV1CompositionRevisionSpecPatchSetsItems0PatchesItems0PolicyMergeOptions](#apiextensionscrossplaneiov1compositionrevisionspecpatchsetsitems0patchesitems0policymergeoptions)|merge options|| ### ApiextensionsCrossplaneIoV1CompositionRevisionSpecPatchSetsItems0PatchesItems0PolicyMergeOptions -MergeOptions Specifies merge options on a field path +MergeOptions Specifies merge options on a field path. #### Attributes @@ -1301,9 +1322,31 @@ A PipelineStep in a Composition Function pipeline. | name | type | description | default value | | --- | --- | --- | --- | +|**credentials**|[[ApiextensionsCrossplaneIoV1CompositionRevisionSpecPipelineItems0CredentialsItems0](#apiextensionscrossplaneiov1compositionrevisionspecpipelineitems0credentialsitems0)]|Credentials are optional credentials that the Composition Function needs.|| |**functionRef** `required`|[ApiextensionsCrossplaneIoV1CompositionRevisionSpecPipelineItems0FunctionRef](#apiextensionscrossplaneiov1compositionrevisionspecpipelineitems0functionref)|function ref|| |**input**|any|Input is an optional, arbitrary Kubernetes resource (i.e. a resource
with an apiVersion and kind) that will be passed to the Composition
Function as the 'input' of its RunFunctionRequest.|| |**step** `required`|str|Step name. Must be unique within its Pipeline.|| +### ApiextensionsCrossplaneIoV1CompositionRevisionSpecPipelineItems0CredentialsItems0 + +FunctionCredentials are optional credentials that a Composition Function needs to run. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**name** `required`|str|Name of this set of credentials.|| +|**secretRef**|[ApiextensionsCrossplaneIoV1CompositionRevisionSpecPipelineItems0CredentialsItems0SecretRef](#apiextensionscrossplaneiov1compositionrevisionspecpipelineitems0credentialsitems0secretref)|secret ref|| +|**source** `required`|"None" | "Secret"|Source of the function credentials.|| +### ApiextensionsCrossplaneIoV1CompositionRevisionSpecPipelineItems0CredentialsItems0SecretRef + +A SecretRef is a reference to a secret containing credentials that should be supplied to the function. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**name** `required`|str|Name of the secret.|| +|**namespace** `required`|str|Namespace of the secret.|| ### ApiextensionsCrossplaneIoV1CompositionRevisionSpecPipelineItems0FunctionRef FunctionRef is a reference to the Composition Function this step should execute. @@ -1404,7 +1447,7 @@ Policy configures the specifics of patching behaviour. |**mergeOptions**|[ApiextensionsCrossplaneIoV1CompositionRevisionSpecResourcesItems0PatchesItems0PolicyMergeOptions](#apiextensionscrossplaneiov1compositionrevisionspecresourcesitems0patchesitems0policymergeoptions)|merge options|| ### ApiextensionsCrossplaneIoV1CompositionRevisionSpecResourcesItems0PatchesItems0PolicyMergeOptions -MergeOptions Specifies merge options on a field path +MergeOptions Specifies merge options on a field path. #### Attributes @@ -1506,7 +1549,7 @@ Extract a match from the input using a regular expression. |**match** `required`|str|Match string. May optionally include submatches, aka capture groups.
See https://pkg.go.dev/regexp/ for details.|| ### ApiextensionsCrossplaneIoV1CompositionRevisionSpecResourcesItems0ReadinessChecksItems0 -ReadinessCheck is used to indicate how to tell whether a resource is ready for consumption +ReadinessCheck is used to indicate how to tell whether a resource is ready for consumption. #### Attributes @@ -1546,6 +1589,7 @@ A Condition that may apply to a resource. | --- | --- | --- | --- | |**lastTransitionTime** `required`|str|LastTransitionTime is the last time this condition transitioned from one
status to another.|| |**message**|str|A Message containing details about this condition's last transition from
one status to another, if any.|| +|**observedGeneration**|int|ObservedGeneration represents the .metadata.generation that the condition was set based upon.
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
with respect to the current state of the instance.|| |**reason** `required`|str|A Reason for this condition's last transition from one status to another.|| |**status** `required`|str|Status of this condition; is it currently True, False, or Unknown?|| |**type** `required`|str||| @@ -1559,11 +1603,11 @@ CompositionSpec specifies desired state of a composition. | --- | --- | --- | --- | |**compositeTypeRef** `required`|[ApiextensionsCrossplaneIoV1CompositionSpecCompositeTypeRef](#apiextensionscrossplaneiov1compositionspeccompositetyperef)|composite type ref|| |**environment**|[ApiextensionsCrossplaneIoV1CompositionSpecEnvironment](#apiextensionscrossplaneiov1compositionspecenvironment)|environment|| -|**mode**|"Resources" | "Pipeline"|Mode controls what type or "mode" of Composition will be used.

"Resources" (the default) indicates that a Composition uses what is
commonly referred to as "Patch & Transform" or P&T composition. This mode
of Composition uses an array of resources, each a template for a composed
resource.

"Pipeline" indicates that a Composition specifies a pipeline
of Composition Functions, each of which is responsible for producing
composed resources that Crossplane should create or update. THE PIPELINE
MODE IS A BETA FEATURE. It is not honored if the relevant Crossplane
feature flag is disabled.|"Resources"| -|**patchSets**|[[ApiextensionsCrossplaneIoV1CompositionSpecPatchSetsItems0](#apiextensionscrossplaneiov1compositionspecpatchsetsitems0)]|PatchSets define a named set of patches that may be included by any
resource in this Composition. PatchSets cannot themselves refer to other
PatchSets.

PatchSets are only used by the "Resources" mode of Composition. They
are ignored by other modes.|| -|**pipeline**|[[ApiextensionsCrossplaneIoV1CompositionSpecPipelineItems0](#apiextensionscrossplaneiov1compositionspecpipelineitems0)]|Pipeline is a list of composition function steps that will be used when a
composite resource referring to this composition is created. One of
resources and pipeline must be specified - you cannot specify both.

The Pipeline is only used by the "Pipeline" mode of Composition. It is
ignored by other modes.

THIS IS A BETA FIELD. It is not honored if the relevant Crossplane
feature flag is disabled.|| +|**mode**|"Resources" | "Pipeline"|Mode controls what type or "mode" of Composition will be used.

"Pipeline" indicates that a Composition specifies a pipeline of
Composition Functions, each of which is responsible for producing
composed resources that Crossplane should create or update.

"Resources" indicates that a Composition uses what is commonly referred
to as "Patch & Transform" or P&T composition. This mode of Composition
uses an array of resources, each a template for a composed resource.

All Compositions should use Pipeline mode. Resources mode is deprecated.
Resources mode won't be removed in Crossplane 1.x, and will remain the
default to avoid breaking legacy Compositions. However, it's no longer
accepting new features, and only accepting security related bug fixes.|"Resources"| +|**patchSets**|[[ApiextensionsCrossplaneIoV1CompositionSpecPatchSetsItems0](#apiextensionscrossplaneiov1compositionspecpatchsetsitems0)]|PatchSets define a named set of patches that may be included by any
resource in this Composition. PatchSets cannot themselves refer to other
PatchSets.

PatchSets are only used by the "Resources" mode of Composition. They
are ignored by other modes.

Deprecated: Use Composition Functions instead.|| +|**pipeline**|[[ApiextensionsCrossplaneIoV1CompositionSpecPipelineItems0](#apiextensionscrossplaneiov1compositionspecpipelineitems0)]|Pipeline is a list of composition function steps that will be used when a
composite resource referring to this composition is created. One of
resources and pipeline must be specified - you cannot specify both.

The Pipeline is only used by the "Pipeline" mode of Composition. It is
ignored by other modes.|| |**publishConnectionDetailsWithStoreConfigRef**|[ApiextensionsCrossplaneIoV1CompositionSpecPublishConnectionDetailsWithStoreConfigRef](#apiextensionscrossplaneiov1compositionspecpublishconnectiondetailswithstoreconfigref)|publish connection details with store config ref|| -|**resources**|[[ApiextensionsCrossplaneIoV1CompositionSpecResourcesItems0](#apiextensionscrossplaneiov1compositionspecresourcesitems0)]|Resources is a list of resource templates that will be used when a
composite resource referring to this composition is created.

Resources are only used by the "Resources" mode of Composition. They are
ignored by other modes.|| +|**resources**|[[ApiextensionsCrossplaneIoV1CompositionSpecResourcesItems0](#apiextensionscrossplaneiov1compositionspecresourcesitems0)]|Resources is a list of resource templates that will be used when a
composite resource referring to this composition is created.

Resources are only used by the "Resources" mode of Composition. They are
ignored by other modes.

Deprecated: Use Composition Functions instead.|| |**writeConnectionSecretsToNamespace**|str|WriteConnectionSecretsToNamespace specifies the namespace in which the
connection secrets of composite resource dynamically provisioned using
this composition will be created.
This field is planned to be replaced in a future release in favor of
PublishConnectionDetailsWithStoreConfigRef. Currently, both could be
set independently and connection details would be published to both
without affecting each other as long as related fields at MR level
specified.|| ### ApiextensionsCrossplaneIoV1CompositionSpecCompositeTypeRef @@ -1688,7 +1732,7 @@ Policy configures the specifics of patching behaviour. |**mergeOptions**|[ApiextensionsCrossplaneIoV1CompositionSpecEnvironmentPatchesItems0PolicyMergeOptions](#apiextensionscrossplaneiov1compositionspecenvironmentpatchesitems0policymergeoptions)|merge options|| ### ApiextensionsCrossplaneIoV1CompositionSpecEnvironmentPatchesItems0PolicyMergeOptions -MergeOptions Specifies merge options on a field path +MergeOptions Specifies merge options on a field path. #### Attributes @@ -1864,7 +1908,7 @@ Policy configures the specifics of patching behaviour. |**mergeOptions**|[ApiextensionsCrossplaneIoV1CompositionSpecPatchSetsItems0PatchesItems0PolicyMergeOptions](#apiextensionscrossplaneiov1compositionspecpatchsetsitems0patchesitems0policymergeoptions)|merge options|| ### ApiextensionsCrossplaneIoV1CompositionSpecPatchSetsItems0PatchesItems0PolicyMergeOptions -MergeOptions Specifies merge options on a field path +MergeOptions Specifies merge options on a field path. #### Attributes @@ -1972,9 +2016,31 @@ A PipelineStep in a Composition Function pipeline. | name | type | description | default value | | --- | --- | --- | --- | +|**credentials**|[[ApiextensionsCrossplaneIoV1CompositionSpecPipelineItems0CredentialsItems0](#apiextensionscrossplaneiov1compositionspecpipelineitems0credentialsitems0)]|Credentials are optional credentials that the Composition Function needs.|| |**functionRef** `required`|[ApiextensionsCrossplaneIoV1CompositionSpecPipelineItems0FunctionRef](#apiextensionscrossplaneiov1compositionspecpipelineitems0functionref)|function ref|| |**input**|any|Input is an optional, arbitrary Kubernetes resource (i.e. a resource
with an apiVersion and kind) that will be passed to the Composition
Function as the 'input' of its RunFunctionRequest.|| |**step** `required`|str|Step name. Must be unique within its Pipeline.|| +### ApiextensionsCrossplaneIoV1CompositionSpecPipelineItems0CredentialsItems0 + +FunctionCredentials are optional credentials that a Composition Function needs to run. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**name** `required`|str|Name of this set of credentials.|| +|**secretRef**|[ApiextensionsCrossplaneIoV1CompositionSpecPipelineItems0CredentialsItems0SecretRef](#apiextensionscrossplaneiov1compositionspecpipelineitems0credentialsitems0secretref)|secret ref|| +|**source** `required`|"None" | "Secret"|Source of the function credentials.|| +### ApiextensionsCrossplaneIoV1CompositionSpecPipelineItems0CredentialsItems0SecretRef + +A SecretRef is a reference to a secret containing credentials that should be supplied to the function. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**name** `required`|str|Name of the secret.|| +|**namespace** `required`|str|Namespace of the secret.|| ### ApiextensionsCrossplaneIoV1CompositionSpecPipelineItems0FunctionRef FunctionRef is a reference to the Composition Function this step should execute. @@ -2075,7 +2141,7 @@ Policy configures the specifics of patching behaviour. |**mergeOptions**|[ApiextensionsCrossplaneIoV1CompositionSpecResourcesItems0PatchesItems0PolicyMergeOptions](#apiextensionscrossplaneiov1compositionspecresourcesitems0patchesitems0policymergeoptions)|merge options|| ### ApiextensionsCrossplaneIoV1CompositionSpecResourcesItems0PatchesItems0PolicyMergeOptions -MergeOptions Specifies merge options on a field path +MergeOptions Specifies merge options on a field path. #### Attributes @@ -2177,7 +2243,7 @@ Extract a match from the input using a regular expression. |**match** `required`|str|Match string. May optionally include submatches, aka capture groups.
See https://pkg.go.dev/regexp/ for details.|| ### ApiextensionsCrossplaneIoV1CompositionSpecResourcesItems0ReadinessChecksItems0 -ReadinessCheck is used to indicate how to tell whether a resource is ready for consumption +ReadinessCheck is used to indicate how to tell whether a resource is ready for consumption. #### Attributes @@ -2200,7 +2266,7 @@ MatchCondition specifies the condition you'd like to match if you're using "Matc |**type** `required`|str||"Ready"| ### CompositeResourceDefinition -A CompositeResourceDefinition defines a new kind of composite infrastructure resource. The new resource is composed of other composite or managed infrastructure resources. +A CompositeResourceDefinition defines the schema for a new custom Kubernetes API. Read the Crossplane documentation for [more information about CustomResourceDefinitions](https://docs.crossplane.io/latest/concepts/composite-resource-definitions). #### Attributes @@ -2213,7 +2279,7 @@ A CompositeResourceDefinition defines a new kind of composite infrastructure res |**status**|[ApiextensionsCrossplaneIoV1CompositeResourceDefinitionStatus](#apiextensionscrossplaneiov1compositeresourcedefinitionstatus)|status|| ### Composition -A Composition specifies how a composite resource should be composed. +A Composition defines a collection of managed resources or functions that Crossplane uses to create and manage new composite resources. Read the Crossplane documentation for [more information about Compositions](https://docs.crossplane.io/latest/concepts/compositions). #### Attributes @@ -2225,7 +2291,7 @@ A Composition specifies how a composite resource should be composed. |**spec**|[ApiextensionsCrossplaneIoV1CompositionSpec](#apiextensionscrossplaneiov1compositionspec)|spec|| ### CompositionRevision -A CompositionRevision represents a revision in time of a Composition. Revisions are created by Crossplane; they should be treated as immutable. +A CompositionRevision represents a revision of a Composition. Crossplane creates new revisions when there are changes to the Composition. Crossplane creates and manages CompositionRevisions. Don't directly edit CompositionRevisions. #### Attributes @@ -2238,7 +2304,7 @@ A CompositionRevision represents a revision in time of a Composition. Revisions |**status**|[ApiextensionsCrossplaneIoV1CompositionRevisionStatus](#apiextensionscrossplaneiov1compositionrevisionstatus)|status|| ### Configuration -Configuration is the CRD type for a request to add a configuration to Crossplane. +A Configuration installs an OCI compatible Crossplane package, extending Crossplane with support for new kinds of CompositeResourceDefinitions and Compositions. Read the Crossplane documentation for [more information about Configuration packages](https://docs.crossplane.io/latest/concepts/packages). #### Attributes @@ -2251,7 +2317,7 @@ Configuration is the CRD type for a request to add a configuration to Crossplane |**status**|[PkgCrossplaneIoV1ConfigurationStatus](#pkgcrossplaneiov1configurationstatus)|status|| ### ConfigurationRevision -A ConfigurationRevision that has been added to Crossplane. +A ConfigurationRevision represents a revision of a Configuration. Crossplane creates new revisions when there are changes to a Configuration. Crossplane creates and manages ConfigurationRevision. Don't directly edit ConfigurationRevisions. #### Attributes @@ -2262,59 +2328,98 @@ A ConfigurationRevision that has been added to Crossplane. |**metadata**|[ObjectMeta](#objectmeta)|metadata|| |**spec**|[PkgCrossplaneIoV1ConfigurationRevisionSpec](#pkgcrossplaneiov1configurationrevisionspec)|spec|| |**status**|[PkgCrossplaneIoV1ConfigurationRevisionStatus](#pkgcrossplaneiov1configurationrevisionstatus)|status|| -### MetaPkgCrossplaneIoV1ConfigurationSpec +### Function -ConfigurationSpec specifies the configuration of a Configuration. +A Function installs an OCI compatible Crossplane package, extending Crossplane with support for a new kind of composition function. Read the Crossplane documentation for [more information about Functions](https://docs.crossplane.io/latest/concepts/composition-functions). #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**crossplane**|[MetaPkgCrossplaneIoV1ConfigurationSpecCrossplane](#metapkgcrossplaneiov1configurationspeccrossplane)|crossplane|| -|**dependsOn**|[[MetaPkgCrossplaneIoV1ConfigurationSpecDependsOnItems0](#metapkgcrossplaneiov1configurationspecdependsonitems0)]|Dependencies on other packages.|| -### MetaPkgCrossplaneIoV1ConfigurationSpecCrossplane +|**apiVersion** `required` `readOnly`|"pkg.crossplane.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"pkg.crossplane.io/v1"| +|**kind** `required` `readOnly`|"Function"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"Function"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec**|[PkgCrossplaneIoV1FunctionSpec](#pkgcrossplaneiov1functionspec)|spec|| +|**status**|[PkgCrossplaneIoV1FunctionStatus](#pkgcrossplaneiov1functionstatus)|status|| +### FunctionRevision -Semantic version constraints of Crossplane that package is compatible with. +A FunctionRevision represents a revision of a Function. Crossplane creates new revisions when there are changes to the Function. Crossplane creates and manages FunctionRevisions. Don't directly edit FunctionRevisions. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**version** `required`|str|Semantic version constraints of Crossplane that package is compatible with.|| -### MetaPkgCrossplaneIoV1ConfigurationSpecDependsOnItems0 +|**apiVersion** `required` `readOnly`|"pkg.crossplane.io/v1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"pkg.crossplane.io/v1"| +|**kind** `required` `readOnly`|"FunctionRevision"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"FunctionRevision"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec**|[PkgCrossplaneIoV1FunctionRevisionSpec](#pkgcrossplaneiov1functionrevisionspec)|spec|| +|**status**|[PkgCrossplaneIoV1FunctionRevisionStatus](#pkgcrossplaneiov1functionrevisionstatus)|status|| +### PkgCrossplaneIoV1ConfigurationRevisionSpec -Dependency is a dependency on another package. One of Provider or Configuration may be supplied. +PackageRevisionSpec specifies the desired state of a PackageRevision. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**configuration**|str|Configuration is the name of a Configuration package image.|| -|**function**|str|Function is the name of a Function package image.|| -|**provider**|str|Provider is the name of a Provider package image.|| -|**version** `required`|str|Version is the semantic version constraints of the dependency image.|| -### MetaPkgCrossplaneIoV1ProviderSpec +|**commonLabels**|{str:str}|Map of string keys and values that can be used to organize and categorize
(scope and select) objects. May match selectors of replication controllers
and services.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/|| +|**desiredState** `required`|str|DesiredState of the PackageRevision. Can be either Active or Inactive.|| +|**ignoreCrossplaneConstraints**|bool|IgnoreCrossplaneConstraints indicates to the package manager whether to
honor Crossplane version constrains specified by the package.
Default is false.|False| +|**image** `required`|str|Package image used by install Pod to extract package contents.|| +|**packagePullPolicy**|str|PackagePullPolicy defines the pull policy for the package. It is also
applied to any images pulled for the package, such as a provider's
controller image.
Default is IfNotPresent.|"IfNotPresent"| +|**packagePullSecrets**|[[PkgCrossplaneIoV1ConfigurationRevisionSpecPackagePullSecretsItems0](#pkgcrossplaneiov1configurationrevisionspecpackagepullsecretsitems0)]|PackagePullSecrets are named secrets in the same namespace that can be
used to fetch packages from private registries. They are also applied to
any images pulled for the package, such as a provider's controller image.|| +|**revision** `required`|int|Revision number. Indicates when the revision will be garbage collected
based on the parent's RevisionHistoryLimit.|| +|**skipDependencyResolution**|bool|SkipDependencyResolution indicates to the package manager whether to skip
resolving dependencies for a package. Setting this value to true may have
unintended consequences.
Default is false.|False| +### PkgCrossplaneIoV1ConfigurationRevisionSpecPackagePullSecretsItems0 -ProviderSpec specifies the configuration of a Provider. +LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**controller** `required`|[MetaPkgCrossplaneIoV1ProviderSpecController](#metapkgcrossplaneiov1providerspeccontroller)|controller|| -|**crossplane**|[MetaPkgCrossplaneIoV1ProviderSpecCrossplane](#metapkgcrossplaneiov1providerspeccrossplane)|crossplane|| -|**dependsOn**|[[MetaPkgCrossplaneIoV1ProviderSpecDependsOnItems0](#metapkgcrossplaneiov1providerspecdependsonitems0)]|Dependencies on other packages.|| -### MetaPkgCrossplaneIoV1ProviderSpecController +|**name**|str|Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?|| +### PkgCrossplaneIoV1ConfigurationRevisionStatus -Configuration for the packaged Provider's controller. +PackageRevisionStatus represents the observed state of a PackageRevision. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**image**|str|Image is the packaged Provider controller image.|| -|**permissionRequests**|[[MetaPkgCrossplaneIoV1ProviderSpecControllerPermissionRequestsItems0](#metapkgcrossplaneiov1providerspeccontrollerpermissionrequestsitems0)]|PermissionRequests for RBAC rules required for this provider's controller
to function. The RBAC manager is responsible for assessing the requested
permissions.|| -### MetaPkgCrossplaneIoV1ProviderSpecControllerPermissionRequestsItems0 +|**conditions**|[[PkgCrossplaneIoV1ConfigurationRevisionStatusConditionsItems0](#pkgcrossplaneiov1configurationrevisionstatusconditionsitems0)]|Conditions of the resource.|| +|**foundDependencies**|int|Dependency information.|| +|**installedDependencies**|int|installed dependencies|| +|**invalidDependencies**|int|invalid dependencies|| +|**objectRefs**|[[PkgCrossplaneIoV1ConfigurationRevisionStatusObjectRefsItems0](#pkgcrossplaneiov1configurationrevisionstatusobjectrefsitems0)]|References to objects owned by PackageRevision.|| +|**permissionRequests**|[[PkgCrossplaneIoV1ConfigurationRevisionStatusPermissionRequestsItems0](#pkgcrossplaneiov1configurationrevisionstatuspermissionrequestsitems0)]|PermissionRequests made by this package. The package declares that its
controller needs these permissions to run. The RBAC manager is
responsible for granting them.|| +### PkgCrossplaneIoV1ConfigurationRevisionStatusConditionsItems0 + +A Condition that may apply to a resource. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**lastTransitionTime** `required`|str|LastTransitionTime is the last time this condition transitioned from one
status to another.|| +|**message**|str|A Message containing details about this condition's last transition from
one status to another, if any.|| +|**observedGeneration**|int|ObservedGeneration represents the .metadata.generation that the condition was set based upon.
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
with respect to the current state of the instance.|| +|**reason** `required`|str|A Reason for this condition's last transition from one status to another.|| +|**status** `required`|str|Status of this condition; is it currently True, False, or Unknown?|| +|**type** `required`|str||| +### PkgCrossplaneIoV1ConfigurationRevisionStatusObjectRefsItems0 + +A TypedReference refers to an object by Name, Kind, and APIVersion. It is commonly used to reference cluster-scoped objects or objects where the namespace is already known. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**apiVersion** `required`|str|APIVersion of the referenced object.|| +|**kind** `required`|str|Kind of the referenced object.|| +|**name** `required`|str|Name of the referenced object.|| +|**uid**|str|UID of the referenced object.|| +### PkgCrossplaneIoV1ConfigurationRevisionStatusPermissionRequestsItems0 PolicyRule holds information that describes a policy rule, but does not contain information about who the rule applies to or which namespace the rule applies to. @@ -2327,44 +2432,86 @@ PolicyRule holds information that describes a policy rule, but does not contain |**resourceNames**|[str]|ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed.|| |**resources**|[str]|Resources is a list of resources this rule applies to. '*' represents all resources.|| |**verbs** `required`|[str]|Verbs is a list of Verbs that apply to ALL the ResourceKinds contained in this rule. '*' represents all verbs.|| -### MetaPkgCrossplaneIoV1ProviderSpecCrossplane +### PkgCrossplaneIoV1ConfigurationSpec -Semantic version constraints of Crossplane that package is compatible with. +ConfigurationSpec specifies details about a request to install a configuration to Crossplane. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**version** `required`|str|Semantic version constraints of Crossplane that package is compatible with.|| -### MetaPkgCrossplaneIoV1ProviderSpecDependsOnItems0 +|**commonLabels**|{str:str}|Map of string keys and values that can be used to organize and categorize
(scope and select) objects. May match selectors of replication controllers
and services.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/|| +|**ignoreCrossplaneConstraints**|bool|IgnoreCrossplaneConstraints indicates to the package manager whether to
honor Crossplane version constrains specified by the package.
Default is false.|False| +|**package** `required`|str|Package is the name of the package that is being requested.|| +|**packagePullPolicy**|str|PackagePullPolicy defines the pull policy for the package.
Default is IfNotPresent.|"IfNotPresent"| +|**packagePullSecrets**|[[PkgCrossplaneIoV1ConfigurationSpecPackagePullSecretsItems0](#pkgcrossplaneiov1configurationspecpackagepullsecretsitems0)]|PackagePullSecrets are named secrets in the same namespace that can be used
to fetch packages from private registries.|| +|**revisionActivationPolicy**|str|RevisionActivationPolicy specifies how the package controller should
update from one revision to the next. Options are Automatic or Manual.
Default is Automatic.|"Automatic"| +|**revisionHistoryLimit**|int|RevisionHistoryLimit dictates how the package controller cleans up old
inactive package revisions.
Defaults to 1. Can be disabled by explicitly setting to 0.|1| +|**skipDependencyResolution**|bool|SkipDependencyResolution indicates to the package manager whether to skip
resolving dependencies for a package. Setting this value to true may have
unintended consequences.
Default is false.|False| +### PkgCrossplaneIoV1ConfigurationSpecPackagePullSecretsItems0 -Dependency is a dependency on another package. One of Provider or Configuration may be supplied. +LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**configuration**|str|Configuration is the name of a Configuration package image.|| -|**function**|str|Function is the name of a Function package image.|| -|**provider**|str|Provider is the name of a Provider package image.|| -|**version** `required`|str|Version is the semantic version constraints of the dependency image.|| -### PkgCrossplaneIoV1ConfigurationRevisionSpec +|**name**|str|Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?|| +### PkgCrossplaneIoV1ConfigurationStatus -PackageRevisionSpec specifies the desired state of a PackageRevision. +ConfigurationStatus represents the observed state of a Configuration. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**conditions**|[[PkgCrossplaneIoV1ConfigurationStatusConditionsItems0](#pkgcrossplaneiov1configurationstatusconditionsitems0)]|Conditions of the resource.|| +|**currentIdentifier**|str|CurrentIdentifier is the most recent package source that was used to
produce a revision. The package manager uses this field to determine
whether to check for package updates for a given source when
packagePullPolicy is set to IfNotPresent. Manually removing this field
will cause the package manager to check that the current revision is
correct for the given package source.|| +|**currentRevision**|str|CurrentRevision is the name of the current package revision. It will
reflect the most up to date revision, whether it has been activated or
not.|| +### PkgCrossplaneIoV1ConfigurationStatusConditionsItems0 + +A Condition that may apply to a resource. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**commonLabels**|{str:str}|Map of string keys and values that can be used to organize and categorize
(scope and select) objects. May match selectors of replication controllers
and services.
More info: http://kubernetes.io/docs/user-guide/labels|| +|**lastTransitionTime** `required`|str|LastTransitionTime is the last time this condition transitioned from one
status to another.|| +|**message**|str|A Message containing details about this condition's last transition from
one status to another, if any.|| +|**observedGeneration**|int|ObservedGeneration represents the .metadata.generation that the condition was set based upon.
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
with respect to the current state of the instance.|| +|**reason** `required`|str|A Reason for this condition's last transition from one status to another.|| +|**status** `required`|str|Status of this condition; is it currently True, False, or Unknown?|| +|**type** `required`|str||| +### PkgCrossplaneIoV1FunctionRevisionSpec + +FunctionRevisionSpec specifies configuration for a FunctionRevision. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**commonLabels**|{str:str}|Map of string keys and values that can be used to organize and categorize
(scope and select) objects. May match selectors of replication controllers
and services.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/|| +|**controllerConfigRef**|[PkgCrossplaneIoV1FunctionRevisionSpecControllerConfigRef](#pkgcrossplaneiov1functionrevisionspeccontrollerconfigref)|controller config ref|| |**desiredState** `required`|str|DesiredState of the PackageRevision. Can be either Active or Inactive.|| |**ignoreCrossplaneConstraints**|bool|IgnoreCrossplaneConstraints indicates to the package manager whether to
honor Crossplane version constrains specified by the package.
Default is false.|False| |**image** `required`|str|Package image used by install Pod to extract package contents.|| |**packagePullPolicy**|str|PackagePullPolicy defines the pull policy for the package. It is also
applied to any images pulled for the package, such as a provider's
controller image.
Default is IfNotPresent.|"IfNotPresent"| -|**packagePullSecrets**|[[PkgCrossplaneIoV1ConfigurationRevisionSpecPackagePullSecretsItems0](#pkgcrossplaneiov1configurationrevisionspecpackagepullsecretsitems0)]|PackagePullSecrets are named secrets in the same namespace that can be
used to fetch packages from private registries. They are also applied to
any images pulled for the package, such as a provider's controller image.|| +|**packagePullSecrets**|[[PkgCrossplaneIoV1FunctionRevisionSpecPackagePullSecretsItems0](#pkgcrossplaneiov1functionrevisionspecpackagepullsecretsitems0)]|PackagePullSecrets are named secrets in the same namespace that can be
used to fetch packages from private registries. They are also applied to
any images pulled for the package, such as a provider's controller image.|| |**revision** `required`|int|Revision number. Indicates when the revision will be garbage collected
based on the parent's RevisionHistoryLimit.|| +|**runtimeConfigRef**|[PkgCrossplaneIoV1FunctionRevisionSpecRuntimeConfigRef](#pkgcrossplaneiov1functionrevisionspecruntimeconfigref)|runtime config ref|| |**skipDependencyResolution**|bool|SkipDependencyResolution indicates to the package manager whether to skip
resolving dependencies for a package. Setting this value to true may have
unintended consequences.
Default is false.|False| -### PkgCrossplaneIoV1ConfigurationRevisionSpecPackagePullSecretsItems0 +|**tlsClientSecretName**|str|TLSClientSecretName is the name of the TLS Secret that stores client
certificates of the Provider.|| +|**tlsServerSecretName**|str|TLSServerSecretName is the name of the TLS Secret that stores server
certificates of the Provider.|| +### PkgCrossplaneIoV1FunctionRevisionSpecControllerConfigRef + +ControllerConfigRef references a ControllerConfig resource that will be used to configure the packaged controller Deployment. Deprecated: Use RuntimeConfigReference instead. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**name** `required`|str|Name of the ControllerConfig.|| +### PkgCrossplaneIoV1FunctionRevisionSpecPackagePullSecretsItems0 LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. @@ -2373,21 +2520,33 @@ LocalObjectReference contains enough information to let you locate the reference | name | type | description | default value | | --- | --- | --- | --- | |**name**|str|Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?|| -### PkgCrossplaneIoV1ConfigurationRevisionStatus +### PkgCrossplaneIoV1FunctionRevisionSpecRuntimeConfigRef -PackageRevisionStatus represents the observed state of a PackageRevision. +RuntimeConfigRef references a RuntimeConfig resource that will be used to configure the package runtime. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**conditions**|[[PkgCrossplaneIoV1ConfigurationRevisionStatusConditionsItems0](#pkgcrossplaneiov1configurationrevisionstatusconditionsitems0)]|Conditions of the resource.|| +|**apiVersion**|str|API version of the referent.|"pkg.crossplane.io/v1beta1"| +|**kind**|str|Kind of the referent.|"DeploymentRuntimeConfig"| +|**name** `required`|str|Name of the RuntimeConfig.|| +### PkgCrossplaneIoV1FunctionRevisionStatus + +FunctionRevisionStatus represents the observed state of a FunctionRevision. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**conditions**|[[PkgCrossplaneIoV1FunctionRevisionStatusConditionsItems0](#pkgcrossplaneiov1functionrevisionstatusconditionsitems0)]|Conditions of the resource.|| +|**endpoint**|str|Endpoint is the gRPC endpoint where Crossplane will send
RunFunctionRequests.|| |**foundDependencies**|int|Dependency information.|| |**installedDependencies**|int|installed dependencies|| |**invalidDependencies**|int|invalid dependencies|| -|**objectRefs**|[[PkgCrossplaneIoV1ConfigurationRevisionStatusObjectRefsItems0](#pkgcrossplaneiov1configurationrevisionstatusobjectrefsitems0)]|References to objects owned by PackageRevision.|| -|**permissionRequests**|[[PkgCrossplaneIoV1ConfigurationRevisionStatusPermissionRequestsItems0](#pkgcrossplaneiov1configurationrevisionstatuspermissionrequestsitems0)]|PermissionRequests made by this package. The package declares that its
controller needs these permissions to run. The RBAC manager is
responsible for granting them.|| -### PkgCrossplaneIoV1ConfigurationRevisionStatusConditionsItems0 +|**objectRefs**|[[PkgCrossplaneIoV1FunctionRevisionStatusObjectRefsItems0](#pkgcrossplaneiov1functionrevisionstatusobjectrefsitems0)]|References to objects owned by PackageRevision.|| +|**permissionRequests**|[[PkgCrossplaneIoV1FunctionRevisionStatusPermissionRequestsItems0](#pkgcrossplaneiov1functionrevisionstatuspermissionrequestsitems0)]|PermissionRequests made by this package. The package declares that its
controller needs these permissions to run. The RBAC manager is
responsible for granting them.|| +### PkgCrossplaneIoV1FunctionRevisionStatusConditionsItems0 A Condition that may apply to a resource. @@ -2397,10 +2556,11 @@ A Condition that may apply to a resource. | --- | --- | --- | --- | |**lastTransitionTime** `required`|str|LastTransitionTime is the last time this condition transitioned from one
status to another.|| |**message**|str|A Message containing details about this condition's last transition from
one status to another, if any.|| +|**observedGeneration**|int|ObservedGeneration represents the .metadata.generation that the condition was set based upon.
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
with respect to the current state of the instance.|| |**reason** `required`|str|A Reason for this condition's last transition from one status to another.|| |**status** `required`|str|Status of this condition; is it currently True, False, or Unknown?|| |**type** `required`|str||| -### PkgCrossplaneIoV1ConfigurationRevisionStatusObjectRefsItems0 +### PkgCrossplaneIoV1FunctionRevisionStatusObjectRefsItems0 A TypedReference refers to an object by Name, Kind, and APIVersion. It is commonly used to reference cluster-scoped objects or objects where the namespace is already known. @@ -2412,7 +2572,7 @@ A TypedReference refers to an object by Name, Kind, and APIVersion. It is common |**kind** `required`|str|Kind of the referenced object.|| |**name** `required`|str|Name of the referenced object.|| |**uid**|str|UID of the referenced object.|| -### PkgCrossplaneIoV1ConfigurationRevisionStatusPermissionRequestsItems0 +### PkgCrossplaneIoV1FunctionRevisionStatusPermissionRequestsItems0 PolicyRule holds information that describes a policy rule, but does not contain information about who the rule applies to or which namespace the rule applies to. @@ -2425,23 +2585,34 @@ PolicyRule holds information that describes a policy rule, but does not contain |**resourceNames**|[str]|ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed.|| |**resources**|[str]|Resources is a list of resources this rule applies to. '*' represents all resources.|| |**verbs** `required`|[str]|Verbs is a list of Verbs that apply to ALL the ResourceKinds contained in this rule. '*' represents all verbs.|| -### PkgCrossplaneIoV1ConfigurationSpec +### PkgCrossplaneIoV1FunctionSpec -ConfigurationSpec specifies details about a request to install a configuration to Crossplane. +FunctionSpec specifies the configuration of a Function. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**commonLabels**|{str:str}|Map of string keys and values that can be used to organize and categorize
(scope and select) objects. May match selectors of replication controllers
and services.
More info: http://kubernetes.io/docs/user-guide/labels|| +|**commonLabels**|{str:str}|Map of string keys and values that can be used to organize and categorize
(scope and select) objects. May match selectors of replication controllers
and services.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/|| +|**controllerConfigRef**|[PkgCrossplaneIoV1FunctionSpecControllerConfigRef](#pkgcrossplaneiov1functionspeccontrollerconfigref)|controller config ref|| |**ignoreCrossplaneConstraints**|bool|IgnoreCrossplaneConstraints indicates to the package manager whether to
honor Crossplane version constrains specified by the package.
Default is false.|False| |**package** `required`|str|Package is the name of the package that is being requested.|| |**packagePullPolicy**|str|PackagePullPolicy defines the pull policy for the package.
Default is IfNotPresent.|"IfNotPresent"| -|**packagePullSecrets**|[[PkgCrossplaneIoV1ConfigurationSpecPackagePullSecretsItems0](#pkgcrossplaneiov1configurationspecpackagepullsecretsitems0)]|PackagePullSecrets are named secrets in the same namespace that can be used
to fetch packages from private registries.|| +|**packagePullSecrets**|[[PkgCrossplaneIoV1FunctionSpecPackagePullSecretsItems0](#pkgcrossplaneiov1functionspecpackagepullsecretsitems0)]|PackagePullSecrets are named secrets in the same namespace that can be used
to fetch packages from private registries.|| |**revisionActivationPolicy**|str|RevisionActivationPolicy specifies how the package controller should
update from one revision to the next. Options are Automatic or Manual.
Default is Automatic.|"Automatic"| |**revisionHistoryLimit**|int|RevisionHistoryLimit dictates how the package controller cleans up old
inactive package revisions.
Defaults to 1. Can be disabled by explicitly setting to 0.|1| +|**runtimeConfigRef**|[PkgCrossplaneIoV1FunctionSpecRuntimeConfigRef](#pkgcrossplaneiov1functionspecruntimeconfigref)|runtime config ref|| |**skipDependencyResolution**|bool|SkipDependencyResolution indicates to the package manager whether to skip
resolving dependencies for a package. Setting this value to true may have
unintended consequences.
Default is false.|False| -### PkgCrossplaneIoV1ConfigurationSpecPackagePullSecretsItems0 +### PkgCrossplaneIoV1FunctionSpecControllerConfigRef + +ControllerConfigRef references a ControllerConfig resource that will be used to configure the packaged controller Deployment. Deprecated: Use RuntimeConfigReference instead. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**name** `required`|str|Name of the ControllerConfig.|| +### PkgCrossplaneIoV1FunctionSpecPackagePullSecretsItems0 LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. @@ -2450,18 +2621,29 @@ LocalObjectReference contains enough information to let you locate the reference | name | type | description | default value | | --- | --- | --- | --- | |**name**|str|Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?|| -### PkgCrossplaneIoV1ConfigurationStatus +### PkgCrossplaneIoV1FunctionSpecRuntimeConfigRef -ConfigurationStatus represents the observed state of a Configuration. +RuntimeConfigRef references a RuntimeConfig resource that will be used to configure the package runtime. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**conditions**|[[PkgCrossplaneIoV1ConfigurationStatusConditionsItems0](#pkgcrossplaneiov1configurationstatusconditionsitems0)]|Conditions of the resource.|| +|**apiVersion**|str|API version of the referent.|"pkg.crossplane.io/v1beta1"| +|**kind**|str|Kind of the referent.|"DeploymentRuntimeConfig"| +|**name** `required`|str|Name of the RuntimeConfig.|| +### PkgCrossplaneIoV1FunctionStatus + +FunctionStatus represents the observed state of a Function. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**conditions**|[[PkgCrossplaneIoV1FunctionStatusConditionsItems0](#pkgcrossplaneiov1functionstatusconditionsitems0)]|Conditions of the resource.|| |**currentIdentifier**|str|CurrentIdentifier is the most recent package source that was used to
produce a revision. The package manager uses this field to determine
whether to check for package updates for a given source when
packagePullPolicy is set to IfNotPresent. Manually removing this field
will cause the package manager to check that the current revision is
correct for the given package source.|| |**currentRevision**|str|CurrentRevision is the name of the current package revision. It will
reflect the most up to date revision, whether it has been activated or
not.|| -### PkgCrossplaneIoV1ConfigurationStatusConditionsItems0 +### PkgCrossplaneIoV1FunctionStatusConditionsItems0 A Condition that may apply to a resource. @@ -2471,6 +2653,7 @@ A Condition that may apply to a resource. | --- | --- | --- | --- | |**lastTransitionTime** `required`|str|LastTransitionTime is the last time this condition transitioned from one
status to another.|| |**message**|str|A Message containing details about this condition's last transition from
one status to another, if any.|| +|**observedGeneration**|int|ObservedGeneration represents the .metadata.generation that the condition was set based upon.
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
with respect to the current state of the instance.|| |**reason** `required`|str|A Reason for this condition's last transition from one status to another.|| |**status** `required`|str|Status of this condition; is it currently True, False, or Unknown?|| |**type** `required`|str||| @@ -2482,7 +2665,7 @@ ProviderRevisionSpec specifies configuration for a ProviderRevision. | name | type | description | default value | | --- | --- | --- | --- | -|**commonLabels**|{str:str}|Map of string keys and values that can be used to organize and categorize
(scope and select) objects. May match selectors of replication controllers
and services.
More info: http://kubernetes.io/docs/user-guide/labels|| +|**commonLabels**|{str:str}|Map of string keys and values that can be used to organize and categorize
(scope and select) objects. May match selectors of replication controllers
and services.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/|| |**controllerConfigRef**|[PkgCrossplaneIoV1ProviderRevisionSpecControllerConfigRef](#pkgcrossplaneiov1providerrevisionspeccontrollerconfigref)|controller config ref|| |**desiredState** `required`|str|DesiredState of the PackageRevision. Can be either Active or Inactive.|| |**ignoreCrossplaneConstraints**|bool|IgnoreCrossplaneConstraints indicates to the package manager whether to
honor Crossplane version constrains specified by the package.
Default is false.|False| @@ -2547,6 +2730,7 @@ A Condition that may apply to a resource. | --- | --- | --- | --- | |**lastTransitionTime** `required`|str|LastTransitionTime is the last time this condition transitioned from one
status to another.|| |**message**|str|A Message containing details about this condition's last transition from
one status to another, if any.|| +|**observedGeneration**|int|ObservedGeneration represents the .metadata.generation that the condition was set based upon.
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
with respect to the current state of the instance.|| |**reason** `required`|str|A Reason for this condition's last transition from one status to another.|| |**status** `required`|str|Status of this condition; is it currently True, False, or Unknown?|| |**type** `required`|str||| @@ -2583,7 +2767,7 @@ ProviderSpec specifies details about a request to install a provider to Crosspla | name | type | description | default value | | --- | --- | --- | --- | -|**commonLabels**|{str:str}|Map of string keys and values that can be used to organize and categorize
(scope and select) objects. May match selectors of replication controllers
and services.
More info: http://kubernetes.io/docs/user-guide/labels|| +|**commonLabels**|{str:str}|Map of string keys and values that can be used to organize and categorize
(scope and select) objects. May match selectors of replication controllers
and services.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/|| |**controllerConfigRef**|[PkgCrossplaneIoV1ProviderSpecControllerConfigRef](#pkgcrossplaneiov1providerspeccontrollerconfigref)|controller config ref|| |**ignoreCrossplaneConstraints**|bool|IgnoreCrossplaneConstraints indicates to the package manager whether to
honor Crossplane version constrains specified by the package.
Default is false.|False| |**package** `required`|str|Package is the name of the package that is being requested.|| @@ -2643,12 +2827,13 @@ A Condition that may apply to a resource. | --- | --- | --- | --- | |**lastTransitionTime** `required`|str|LastTransitionTime is the last time this condition transitioned from one
status to another.|| |**message**|str|A Message containing details about this condition's last transition from
one status to another, if any.|| +|**observedGeneration**|int|ObservedGeneration represents the .metadata.generation that the condition was set based upon.
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
with respect to the current state of the instance.|| |**reason** `required`|str|A Reason for this condition's last transition from one status to another.|| |**status** `required`|str|Status of this condition; is it currently True, False, or Unknown?|| |**type** `required`|str||| ### Provider -Provider is the CRD type for a request to add a provider to Crossplane. +A Provider installs an OCI compatible Crossplane package, extending Crossplane with support for new kinds of managed resources. Read the Crossplane documentation for [more information about Providers](https://docs.crossplane.io/latest/concepts/providers). #### Attributes @@ -2661,7 +2846,7 @@ Provider is the CRD type for a request to add a provider to Crossplane. |**status**|[PkgCrossplaneIoV1ProviderStatus](#pkgcrossplaneiov1providerstatus)|status|| ### ProviderRevision -A ProviderRevision that has been added to Crossplane. +A ProviderRevision represents a revision of a Provider. Crossplane creates new revisions when there are changes to a Provider. Crossplane creates and manages ProviderRevisions. Don't directly edit ProviderRevisions. #### Attributes @@ -2765,333 +2950,34 @@ A Condition that may apply to a resource. | --- | --- | --- | --- | |**lastTransitionTime** `required`|str|LastTransitionTime is the last time this condition transitioned from one
status to another.|| |**message**|str|A Message containing details about this condition's last transition from
one status to another, if any.|| +|**observedGeneration**|int|ObservedGeneration represents the .metadata.generation that the condition was set based upon.
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
with respect to the current state of the instance.|| |**reason** `required`|str|A Reason for this condition's last transition from one status to another.|| |**status** `required`|str|Status of this condition; is it currently True, False, or Unknown?|| |**type** `required`|str||| ### ControllerConfig -ControllerConfig is the CRD type for a packaged controller configuration. Deprecated: This API is replaced by DeploymentRuntimeConfig, and is scheduled to be removed in a future release. See the design doc for more details: https://github.com/crossplane/crossplane/blob/11bbe13ea3604928cc4e24e8d0d18f3f5f7e847c/design/one-pager-package-runtime-config.md +A ControllerConfig applies settings to controllers like Provider pods. Deprecated: Use the [DeploymentRuntimeConfig](https://docs.crossplane.io/latest/concepts/providers#runtime-configuration) instead. Read the [Package Runtime Configuration](https://github.com/crossplane/crossplane/blob/11bbe13ea3604928cc4e24e8d0d18f3f5f7e847c/design/one-pager-package-runtime-config.md) design document for more details. #### Attributes | name | type | description | default value | | --- | --- | --- | --- | |**apiVersion** `required` `readOnly`|"pkg.crossplane.io/v1alpha1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"pkg.crossplane.io/v1alpha1"| -|**kind** `required` `readOnly`|"ControllerConfig"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"ControllerConfig"| -|**metadata**|[ObjectMeta](#objectmeta)|metadata|| -|**spec**|[PkgCrossplaneIoV1alpha1ControllerConfigSpec](#pkgcrossplaneiov1alpha1controllerconfigspec)|spec|| -### EnvironmentConfig - -A EnvironmentConfig contains a set of arbitrary, unstructured values. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**apiVersion** `required` `readOnly`|"apiextensions.crossplane.io/v1alpha1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"apiextensions.crossplane.io/v1alpha1"| -|**data**|{str:}|The data of this EnvironmentConfig.
This may contain any kind of structure that can be serialized into JSON.|| -|**kind** `required` `readOnly`|"EnvironmentConfig"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"EnvironmentConfig"| -|**metadata**|[ObjectMeta](#objectmeta)|metadata|| -### HelmCrossplaneIoV1alpha1ProviderConfigSpec - -A ProviderConfigSpec defines the desired state of a Provider. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**credentials** `required`|[HelmCrossplaneIoV1alpha1ProviderConfigSpecCredentials](#helmcrossplaneiov1alpha1providerconfigspeccredentials)|credentials|| -|**identity**|[HelmCrossplaneIoV1alpha1ProviderConfigSpecIdentity](#helmcrossplaneiov1alpha1providerconfigspecidentity)|identity|| -### HelmCrossplaneIoV1alpha1ProviderConfigSpecCredentials - -Credentials used to connect to the Kubernetes API. Typically a kubeconfig file. Use InjectedIdentity for in-cluster config. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**env**|[HelmCrossplaneIoV1alpha1ProviderConfigSpecCredentialsEnv](#helmcrossplaneiov1alpha1providerconfigspeccredentialsenv)|env|| -|**fs**|[HelmCrossplaneIoV1alpha1ProviderConfigSpecCredentialsFs](#helmcrossplaneiov1alpha1providerconfigspeccredentialsfs)|fs|| -|**secretRef**|[HelmCrossplaneIoV1alpha1ProviderConfigSpecCredentialsSecretRef](#helmcrossplaneiov1alpha1providerconfigspeccredentialssecretref)|secret ref|| -|**source** `required`|"None" | "Secret" | "InjectedIdentity" | "Environment" | "Filesystem"|Source of the provider credentials.|| -### HelmCrossplaneIoV1alpha1ProviderConfigSpecCredentialsEnv - -Env is a reference to an environment variable that contains credentials that must be used to connect to the provider. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**name** `required`|str|Name is the name of an environment variable.|| -### HelmCrossplaneIoV1alpha1ProviderConfigSpecCredentialsFs - -Fs is a reference to a filesystem location that contains credentials that must be used to connect to the provider. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**path** `required`|str|Path is a filesystem path.|| -### HelmCrossplaneIoV1alpha1ProviderConfigSpecCredentialsSecretRef - -A SecretRef is a reference to a secret key that contains the credentials that must be used to connect to the provider. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**key** `required`|str|The key to select.|| -|**name** `required`|str|Name of the secret.|| -|**namespace** `required`|str|Namespace of the secret.|| -### HelmCrossplaneIoV1alpha1ProviderConfigSpecIdentity - -Identity used to authenticate to the Kubernetes API. The identity credentials can be used to supplement kubeconfig 'credentials', for example by configuring a bearer token source such as OAuth. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**env**|[HelmCrossplaneIoV1alpha1ProviderConfigSpecIdentityEnv](#helmcrossplaneiov1alpha1providerconfigspecidentityenv)|env|| -|**fs**|[HelmCrossplaneIoV1alpha1ProviderConfigSpecIdentityFs](#helmcrossplaneiov1alpha1providerconfigspecidentityfs)|fs|| -|**secretRef**|[HelmCrossplaneIoV1alpha1ProviderConfigSpecIdentitySecretRef](#helmcrossplaneiov1alpha1providerconfigspecidentitysecretref)|secret ref|| -|**source** `required`|"None" | "Secret" | "InjectedIdentity" | "Environment" | "Filesystem"|Source of the provider credentials.|| -|**type** `required` `readOnly`|"GoogleApplicationCredentials"||"GoogleApplicationCredentials"| -### HelmCrossplaneIoV1alpha1ProviderConfigSpecIdentityEnv - -Env is a reference to an environment variable that contains credentials that must be used to connect to the provider. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**name** `required`|str|Name is the name of an environment variable.|| -### HelmCrossplaneIoV1alpha1ProviderConfigSpecIdentityFs - -Fs is a reference to a filesystem location that contains credentials that must be used to connect to the provider. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**path** `required`|str|Path is a filesystem path.|| -### HelmCrossplaneIoV1alpha1ProviderConfigSpecIdentitySecretRef - -A SecretRef is a reference to a secret key that contains the credentials that must be used to connect to the provider. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**key** `required`|str|The key to select.|| -|**name** `required`|str|Name of the secret.|| -|**namespace** `required`|str|Namespace of the secret.|| -### HelmCrossplaneIoV1alpha1ProviderConfigStatus - -A ProviderConfigStatus defines the status of a Provider. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**conditions**|[[HelmCrossplaneIoV1alpha1ProviderConfigStatusConditionsItems0](#helmcrossplaneiov1alpha1providerconfigstatusconditionsitems0)]|Conditions of the resource.|| -|**users**|int|Users of this provider configuration.|| -### HelmCrossplaneIoV1alpha1ProviderConfigStatusConditionsItems0 - -A Condition that may apply to a resource. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**lastTransitionTime** `required`|str|LastTransitionTime is the last time this condition transitioned from one status to another.|| -|**message**|str|A Message containing details about this condition's last transition from one status to another, if any.|| -|**reason** `required`|str|A Reason for this condition's last transition from one status to another.|| -|**status** `required`|str|Status of this condition; is it currently True, False, or Unknown?|| -|**type** `required`|str||| -### NopCrossplaneIoV1alpha1NopResourceSpec - -A NopResourceSpec defines the desired state of a NopResource. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**deletionPolicy**|"Orphan" | "Delete"|DeletionPolicy specifies what will happen to the underlying external when this managed resource is deleted - either "Delete" or "Orphan" the external resource.|"Delete"| -|**forProvider** `required`|[NopCrossplaneIoV1alpha1NopResourceSpecForProvider](#nopcrossplaneiov1alpha1nopresourcespecforprovider)|for provider|| -|**providerConfigRef**|[NopCrossplaneIoV1alpha1NopResourceSpecProviderConfigRef](#nopcrossplaneiov1alpha1nopresourcespecproviderconfigref)|provider config ref|| -|**providerRef**|[NopCrossplaneIoV1alpha1NopResourceSpecProviderRef](#nopcrossplaneiov1alpha1nopresourcespecproviderref)|provider ref|| -|**publishConnectionDetailsTo**|[NopCrossplaneIoV1alpha1NopResourceSpecPublishConnectionDetailsTo](#nopcrossplaneiov1alpha1nopresourcespecpublishconnectiondetailsto)|publish connection details to|| -|**writeConnectionSecretToRef**|[NopCrossplaneIoV1alpha1NopResourceSpecWriteConnectionSecretToRef](#nopcrossplaneiov1alpha1nopresourcespecwriteconnectionsecrettoref)|write connection secret to ref|| -### NopCrossplaneIoV1alpha1NopResourceSpecForProvider - -NopResourceParameters are the configurable fields of a NopResource. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**conditionAfter**|[[NopCrossplaneIoV1alpha1NopResourceSpecForProviderConditionAfterItems0](#nopcrossplaneiov1alpha1nopresourcespecforproviderconditionafteritems0)]|ConditionAfter can be used to set status conditions after a specified time. By default a NopResource will only have a status condition of Type: Synced. It will never have a status condition of Type: Ready unless one is configured here.|| -|**connectionDetails**|[[NopCrossplaneIoV1alpha1NopResourceSpecForProviderConnectionDetailsItems0](#nopcrossplaneiov1alpha1nopresourcespecforproviderconnectiondetailsitems0)]|ConnectionDetails that this NopResource should emit on each reconcile.|| -|**fields**|any|Fields is an arbitrary object you can patch to and from. It has no schema, is not validated, and is not used by the NopResource controller.|| -### NopCrossplaneIoV1alpha1NopResourceSpecForProviderConditionAfterItems0 - -ResourceConditionAfter specifies a condition of a NopResource that should be set after a certain duration. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**conditionReason**|str|ConditionReason to set - e.g. Available.|| -|**conditionStatus** `required`|str|ConditionStatus to set - e.g. True.|| -|**conditionType** `required`|str|ConditionType to set - e.g. Ready.|| -|**time** `required`|str|Time is the duration after which the condition should be set.|| -### NopCrossplaneIoV1alpha1NopResourceSpecForProviderConnectionDetailsItems0 - -ResourceConnectionDetail specifies a connection detail a NopResource should emit. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**name** `required`|str|Name of the connection detail.|| -|**value** `required`|str|Value of the connection detail.|| -### NopCrossplaneIoV1alpha1NopResourceSpecProviderConfigRef - -ProviderConfigReference specifies how the provider that will be used to create, observe, update, and delete this managed resource should be configured. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**name** `required`|str|Name of the referenced object.|| -|**policy**|[NopCrossplaneIoV1alpha1NopResourceSpecProviderConfigRefPolicy](#nopcrossplaneiov1alpha1nopresourcespecproviderconfigrefpolicy)|policy|| -### NopCrossplaneIoV1alpha1NopResourceSpecProviderConfigRefPolicy - -Policies for referencing. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**resolution**|"Required" | "Optional"|Resolution specifies whether resolution of this reference is required. The default is 'Required', which means the reconcile will fail if the reference cannot be resolved. 'Optional' means this reference will be a no-op if it cannot be resolved.|"Required"| -|**resolve**|"Always" | "IfNotPresent"|Resolve specifies when this reference should be resolved. The default is 'IfNotPresent', which will attempt to resolve the reference only when the corresponding field is not present. Use 'Always' to resolve the reference on every reconcile.|| -### NopCrossplaneIoV1alpha1NopResourceSpecProviderRef - -ProviderReference specifies the provider that will be used to create, observe, update, and delete this managed resource. Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef` - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**name** `required`|str|Name of the referenced object.|| -|**policy**|[NopCrossplaneIoV1alpha1NopResourceSpecProviderRefPolicy](#nopcrossplaneiov1alpha1nopresourcespecproviderrefpolicy)|policy|| -### NopCrossplaneIoV1alpha1NopResourceSpecProviderRefPolicy - -Policies for referencing. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**resolution**|"Required" | "Optional"|Resolution specifies whether resolution of this reference is required. The default is 'Required', which means the reconcile will fail if the reference cannot be resolved. 'Optional' means this reference will be a no-op if it cannot be resolved.|"Required"| -|**resolve**|"Always" | "IfNotPresent"|Resolve specifies when this reference should be resolved. The default is 'IfNotPresent', which will attempt to resolve the reference only when the corresponding field is not present. Use 'Always' to resolve the reference on every reconcile.|| -### NopCrossplaneIoV1alpha1NopResourceSpecPublishConnectionDetailsTo - -PublishConnectionDetailsTo specifies the connection secret config which contains a name, metadata and a reference to secret store config to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**configRef**|[NopCrossplaneIoV1alpha1NopResourceSpecPublishConnectionDetailsToConfigRef](#nopcrossplaneiov1alpha1nopresourcespecpublishconnectiondetailstoconfigref)|config ref|| -|**metadata**|[NopCrossplaneIoV1alpha1NopResourceSpecPublishConnectionDetailsToMetadata](#nopcrossplaneiov1alpha1nopresourcespecpublishconnectiondetailstometadata)|metadata|| -|**name** `required`|str|Name is the name of the connection secret.|| -### NopCrossplaneIoV1alpha1NopResourceSpecPublishConnectionDetailsToConfigRef - -SecretStoreConfigRef specifies which secret store config should be used for this ConnectionSecret. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**name** `required`|str|Name of the referenced object.|| -|**policy**|[NopCrossplaneIoV1alpha1NopResourceSpecPublishConnectionDetailsToConfigRefPolicy](#nopcrossplaneiov1alpha1nopresourcespecpublishconnectiondetailstoconfigrefpolicy)|policy|| -### NopCrossplaneIoV1alpha1NopResourceSpecPublishConnectionDetailsToConfigRefPolicy - -Policies for referencing. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**resolution**|"Required" | "Optional"|Resolution specifies whether resolution of this reference is required. The default is 'Required', which means the reconcile will fail if the reference cannot be resolved. 'Optional' means this reference will be a no-op if it cannot be resolved.|"Required"| -|**resolve**|"Always" | "IfNotPresent"|Resolve specifies when this reference should be resolved. The default is 'IfNotPresent', which will attempt to resolve the reference only when the corresponding field is not present. Use 'Always' to resolve the reference on every reconcile.|| -### NopCrossplaneIoV1alpha1NopResourceSpecPublishConnectionDetailsToMetadata - -Metadata is the metadata for connection secret. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**annotations**|{str:str}|Annotations are the annotations to be added to connection secret. - For Kubernetes secrets, this will be used as "metadata.annotations". - It is up to Secret Store implementation for others store types.|| -|**labels**|{str:str}|Labels are the labels/tags to be added to connection secret. - For Kubernetes secrets, this will be used as "metadata.labels". - It is up to Secret Store implementation for others store types.|| -|**type**|str||| -### NopCrossplaneIoV1alpha1NopResourceSpecWriteConnectionSecretToRef - -WriteConnectionSecretToReference specifies the namespace and name of a Secret to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource. This field is planned to be replaced in a future release in favor of PublishConnectionDetailsTo. Currently, both could be set independently and connection details would be published to both without affecting each other. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**name** `required`|str|Name of the secret.|| -|**namespace** `required`|str|Namespace of the secret.|| -### NopCrossplaneIoV1alpha1NopResourceStatus - -A NopResourceStatus represents the observed state of a NopResource. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**atProvider**|[NopCrossplaneIoV1alpha1NopResourceStatusAtProvider](#nopcrossplaneiov1alpha1nopresourcestatusatprovider)|at provider|| -|**conditions**|[[NopCrossplaneIoV1alpha1NopResourceStatusConditionsItems0](#nopcrossplaneiov1alpha1nopresourcestatusconditionsitems0)]|Conditions of the resource.|| -### NopCrossplaneIoV1alpha1NopResourceStatusAtProvider - -NopResourceObservation are the observable fields of a NopResource. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**fields**|any|Fields is an arbitrary object you can patch to and from. It has no schema, is not validated, and is not used by the NopResource controller.|| -### NopCrossplaneIoV1alpha1NopResourceStatusConditionsItems0 - -A Condition that may apply to a resource. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**lastTransitionTime** `required`|str|LastTransitionTime is the last time this condition transitioned from one status to another.|| -|**message**|str|A Message containing details about this condition's last transition from one status to another, if any.|| -|**reason** `required`|str|A Reason for this condition's last transition from one status to another.|| -|**status** `required`|str|Status of this condition; is it currently True, False, or Unknown?|| -|**type** `required`|str||| -### NopResource +|**kind** `required` `readOnly`|"ControllerConfig"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"ControllerConfig"| +|**metadata**|[ObjectMeta](#objectmeta)|metadata|| +|**spec**|[PkgCrossplaneIoV1alpha1ControllerConfigSpec](#pkgcrossplaneiov1alpha1controllerconfigspec)|spec|| +### EnvironmentConfig -A NopResource is an example API type. +An EnvironmentConfig contains user-defined unstructured values for use in a Composition. Read the Crossplane documentation for [more information about EnvironmentConfigs](https://docs.crossplane.io/latest/concepts/environment-configs). #### Attributes | name | type | description | default value | | --- | --- | --- | --- | -|**apiVersion** `required` `readOnly`|"nop.crossplane.io/v1alpha1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"nop.crossplane.io/v1alpha1"| -|**kind** `required` `readOnly`|"NopResource"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"NopResource"| +|**apiVersion** `required` `readOnly`|"apiextensions.crossplane.io/v1alpha1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"apiextensions.crossplane.io/v1alpha1"| +|**data**|{str:}|The data of this EnvironmentConfig.
This may contain any kind of structure that can be serialized into JSON.|| +|**kind** `required` `readOnly`|"EnvironmentConfig"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"EnvironmentConfig"| |**metadata**|[ObjectMeta](#objectmeta)|metadata|| -|**spec** `required`|[NopCrossplaneIoV1alpha1NopResourceSpec](#nopcrossplaneiov1alpha1nopresourcespec)|spec|| -|**status**|[NopCrossplaneIoV1alpha1NopResourceStatus](#nopcrossplaneiov1alpha1nopresourcestatus)|status|| ### PkgCrossplaneIoV1alpha1ControllerConfigSpec ControllerConfigSpec specifies the configuration for a packaged controller. Values provided will override package manager defaults. Labels and annotations are passed to both the controller Deployment and ServiceAccount. @@ -3115,7 +3001,7 @@ ControllerConfigSpec specifies the configuration for a packaged controller. Valu |**priorityClassName**|str|If specified, indicates the pod's priority. "system-node-critical" and
"system-cluster-critical" are two special keywords which indicate the
highest priorities with the former being the highest priority. Any other
name must be defined by creating a PriorityClass object with that name.
If not specified, the pod priority will be default or zero if there is no
default.|| |**replicas**|int|Number of desired pods. This is a pointer to distinguish between explicit
zero and not specified. Defaults to 1.
Note: If more than 1 replica is set and leader election is not enabled then
controllers could conflict. Environment variable "LEADER_ELECTION" can be
used to enable leader election process.|| |**resources**|[PkgCrossplaneIoV1alpha1ControllerConfigSpecResources](#pkgcrossplaneiov1alpha1controllerconfigspecresources)|resources|| -|**runtimeClassName**|str|RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used
to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run.
If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an
empty definition that uses the default runtime handler.
More info: https://git.k8s.io/enhancements/keps/sig-node/runtime-class.md
This is a beta feature as of Kubernetes v1.14.|| +|**runtimeClassName**|str|RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used
to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run.
If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an
empty definition that uses the default runtime handler.
More info: https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/585-runtime-class/README.md
This is a beta feature as of Kubernetes v1.14.|| |**securityContext**|[PkgCrossplaneIoV1alpha1ControllerConfigSpecSecurityContext](#pkgcrossplaneiov1alpha1controllerconfigspecsecuritycontext)|security context|| |**serviceAccountName**|str|ServiceAccountName is the name of the ServiceAccount to use to run this pod.
More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
If specified, a ServiceAccount named this ServiceAccountName will be used for
the spec.serviceAccountName field in Pods to be created and for the subjects.name field
in a ClusterRoleBinding to be created.
If there is no ServiceAccount named this ServiceAccountName, a new ServiceAccount
will be created.
If there is a pre-existing ServiceAccount named this ServiceAccountName, the ServiceAccount
will be used. The annotations in the ControllerConfig will be copied to the ServiceAccount
and pre-existing annotations will be kept.
Regardless of whether there is a ServiceAccount created by Crossplane or is in place already,
the ServiceAccount will be deleted once the Provider and ControllerConfig are deleted.|| |**tolerations**|[[PkgCrossplaneIoV1alpha1ControllerConfigSpecTolerationsItems0](#pkgcrossplaneiov1alpha1controllerconfigspectolerationsitems0)]|If specified, the pod's tolerations.|| @@ -3254,8 +3140,8 @@ Required. A pod affinity term, associated with the corresponding weight. | name | type | description | default value | | --- | --- | --- | --- | |**labelSelector**|[PkgCrossplaneIoV1alpha1ControllerConfigSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector](#pkgcrossplaneiov1alpha1controllerconfigspecaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermlabelselector)|label selector|| -|**matchLabelKeys**|[str]|MatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.
Also, MatchLabelKeys cannot be set when LabelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.|| -|**mismatchLabelKeys**|[str]|MismatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.
Also, MismatchLabelKeys cannot be set when LabelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.|| +|**matchLabelKeys**|[str]|MatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.|| +|**mismatchLabelKeys**|[str]|MismatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.|| |**namespaceSelector**|[PkgCrossplaneIoV1alpha1ControllerConfigSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector](#pkgcrossplaneiov1alpha1controllerconfigspecaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermnamespaceselector)|namespace selector|| |**namespaces**|[str]|namespaces specifies a static list of namespace names that the term applies to.
The term is applied to the union of the namespaces listed in this field
and the ones selected by namespaceSelector.
null or empty namespaces list and null namespaceSelector means "this pod's namespace".|| |**topologyKey** `required`|str|This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
the labelSelector in the specified namespaces, where co-located is defined as running on a node
whose value of the label with key topologyKey matches that of any node on which any of the
selected pods is running.
Empty topologyKey is not allowed.|| @@ -3310,8 +3196,8 @@ Defines a set of pods (namely those matching the labelSelector relative to the g | name | type | description | default value | | --- | --- | --- | --- | |**labelSelector**|[PkgCrossplaneIoV1alpha1ControllerConfigSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector](#pkgcrossplaneiov1alpha1controllerconfigspecaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0labelselector)|label selector|| -|**matchLabelKeys**|[str]|MatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.
Also, MatchLabelKeys cannot be set when LabelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.|| -|**mismatchLabelKeys**|[str]|MismatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.
Also, MismatchLabelKeys cannot be set when LabelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.|| +|**matchLabelKeys**|[str]|MatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.|| +|**mismatchLabelKeys**|[str]|MismatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.|| |**namespaceSelector**|[PkgCrossplaneIoV1alpha1ControllerConfigSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector](#pkgcrossplaneiov1alpha1controllerconfigspecaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0namespaceselector)|namespace selector|| |**namespaces**|[str]|namespaces specifies a static list of namespace names that the term applies to.
The term is applied to the union of the namespaces listed in this field
and the ones selected by namespaceSelector.
null or empty namespaces list and null namespaceSelector means "this pod's namespace".|| |**topologyKey** `required`|str|This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
the labelSelector in the specified namespaces, where co-located is defined as running on a node
whose value of the label with key topologyKey matches that of any node on which any of the
selected pods is running.
Empty topologyKey is not allowed.|| @@ -3386,8 +3272,8 @@ Required. A pod affinity term, associated with the corresponding weight. | name | type | description | default value | | --- | --- | --- | --- | |**labelSelector**|[PkgCrossplaneIoV1alpha1ControllerConfigSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector](#pkgcrossplaneiov1alpha1controllerconfigspecaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermlabelselector)|label selector|| -|**matchLabelKeys**|[str]|MatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.
Also, MatchLabelKeys cannot be set when LabelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.|| -|**mismatchLabelKeys**|[str]|MismatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.
Also, MismatchLabelKeys cannot be set when LabelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.|| +|**matchLabelKeys**|[str]|MatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.|| +|**mismatchLabelKeys**|[str]|MismatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.|| |**namespaceSelector**|[PkgCrossplaneIoV1alpha1ControllerConfigSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector](#pkgcrossplaneiov1alpha1controllerconfigspecaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermnamespaceselector)|namespace selector|| |**namespaces**|[str]|namespaces specifies a static list of namespace names that the term applies to.
The term is applied to the union of the namespaces listed in this field
and the ones selected by namespaceSelector.
null or empty namespaces list and null namespaceSelector means "this pod's namespace".|| |**topologyKey** `required`|str|This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
the labelSelector in the specified namespaces, where co-located is defined as running on a node
whose value of the label with key topologyKey matches that of any node on which any of the
selected pods is running.
Empty topologyKey is not allowed.|| @@ -3442,8 +3328,8 @@ Defines a set of pods (namely those matching the labelSelector relative to the g | name | type | description | default value | | --- | --- | --- | --- | |**labelSelector**|[PkgCrossplaneIoV1alpha1ControllerConfigSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector](#pkgcrossplaneiov1alpha1controllerconfigspecaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0labelselector)|label selector|| -|**matchLabelKeys**|[str]|MatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.
Also, MatchLabelKeys cannot be set when LabelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.|| -|**mismatchLabelKeys**|[str]|MismatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.
Also, MismatchLabelKeys cannot be set when LabelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.|| +|**matchLabelKeys**|[str]|MatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.|| +|**mismatchLabelKeys**|[str]|MismatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.|| |**namespaceSelector**|[PkgCrossplaneIoV1alpha1ControllerConfigSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector](#pkgcrossplaneiov1alpha1controllerconfigspecaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0namespaceselector)|namespace selector|| |**namespaces**|[str]|namespaces specifies a static list of namespace names that the term applies to.
The term is applied to the union of the namespaces listed in this field
and the ones selected by namespaceSelector.
null or empty namespaces list and null namespaceSelector means "this pod's namespace".|| |**topologyKey** `required`|str|This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
the labelSelector in the specified namespaces, where co-located is defined as running on a node
whose value of the label with key topologyKey matches that of any node on which any of the
selected pods is running.
Empty topologyKey is not allowed.|| @@ -3603,8 +3489,8 @@ Metadata that will be added to the provider Pod. | name | type | description | default value | | --- | --- | --- | --- | -|**annotations**|{str:str}|Annotations is an unstructured key value map stored with a resource that may be
set by external tools to store and retrieve arbitrary metadata. They are not
queryable and should be preserved when modifying objects.
More info: http://kubernetes.io/docs/user-guide/annotations|| -|**labels**|{str:str}|Map of string keys and values that can be used to organize and
categorize (scope and select) objects. This will only affect
labels on the pod, not the pod selector. Labels will be merged
with internal labels used by crossplane, and labels with a
crossplane.io key might be overwritten.
More info: http://kubernetes.io/docs/user-guide/labels|| +|**annotations**|{str:str}|Annotations is an unstructured key value map stored with a resource that may be
set by external tools to store and retrieve arbitrary metadata. They are not
queryable and should be preserved when modifying objects.
More info: http:https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/|| +|**labels**|{str:str}|Map of string keys and values that can be used to organize and
categorize (scope and select) objects. This will only affect
labels on the pod, not the pod selector. Labels will be merged
with internal labels used by crossplane, and labels with a
crossplane.io key might be overwritten.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/|| ### PkgCrossplaneIoV1alpha1ControllerConfigSpecPodSecurityContext PodSecurityContext holds pod-level security attributes and common container settings. Optional: Defaults to empty. See type description for default values of each field. @@ -3613,6 +3499,7 @@ PodSecurityContext holds pod-level security attributes and common container sett | name | type | description | default value | | --- | --- | --- | --- | +|**appArmorProfile**|[PkgCrossplaneIoV1alpha1ControllerConfigSpecPodSecurityContextAppArmorProfile](#pkgcrossplaneiov1alpha1controllerconfigspecpodsecuritycontextapparmorprofile)|app armor profile|| |**fsGroup**|int|A special supplemental group that applies to all containers in a pod.
Some volume types allow the Kubelet to change the ownership of that volume
to be owned by the pod:

1. The owning GID will be the FSGroup
2. The setgid bit is set (new files created in the volume will be owned by FSGroup)
3. The permission bits are OR'd with rw-rw----

If unset, the Kubelet will not modify the ownership and permissions of any volume.
Note that this field cannot be set when spec.os.name is windows.|| |**fsGroupChangePolicy**|str|fsGroupChangePolicy defines behavior of changing ownership and permission of the volume
before being exposed inside Pod. This field will only apply to
volume types which support fsGroup based ownership(and permissions).
It will have no effect on ephemeral volume types such as: secret, configmaps
and emptydir.
Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used.
Note that this field cannot be set when spec.os.name is windows.|| |**runAsGroup**|int|The GID to run the entrypoint of the container process.
Uses runtime default if unset.
May also be set in SecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence
for that container.
Note that this field cannot be set when spec.os.name is windows.|| @@ -3623,6 +3510,16 @@ PodSecurityContext holds pod-level security attributes and common container sett |**supplementalGroups**|[int]|A list of groups applied to the first process run in each container, in addition
to the container's primary GID, the fsGroup (if specified), and group memberships
defined in the container image for the uid of the container process. If unspecified,
no additional groups are added to any container. Note that group memberships
defined in the container image for the uid of the container process are still effective,
even if they are not included in this list.
Note that this field cannot be set when spec.os.name is windows.|| |**sysctls**|[[PkgCrossplaneIoV1alpha1ControllerConfigSpecPodSecurityContextSysctlsItems0](#pkgcrossplaneiov1alpha1controllerconfigspecpodsecuritycontextsysctlsitems0)]|Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported
sysctls (by the container runtime) might fail to launch.
Note that this field cannot be set when spec.os.name is windows.|| |**windowsOptions**|[PkgCrossplaneIoV1alpha1ControllerConfigSpecPodSecurityContextWindowsOptions](#pkgcrossplaneiov1alpha1controllerconfigspecpodsecuritycontextwindowsoptions)|windows options|| +### PkgCrossplaneIoV1alpha1ControllerConfigSpecPodSecurityContextAppArmorProfile + +appArmorProfile is the AppArmor options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**localhostProfile**|str|localhostProfile indicates a profile loaded on the node that should be used.
The profile must be preconfigured on the node to work.
Must match the loaded name of the profile.
Must be set if and only if type is "Localhost".|| +|**type** `required`|str||| ### PkgCrossplaneIoV1alpha1ControllerConfigSpecPodSecurityContextSeLinuxOptions The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. @@ -3709,6 +3606,7 @@ SecurityContext holds container-level security attributes and common container s | name | type | description | default value | | --- | --- | --- | --- | |**allowPrivilegeEscalation**|bool|AllowPrivilegeEscalation controls whether a process can gain more
privileges than its parent process. This bool directly controls if
the no_new_privs flag will be set on the container process.
AllowPrivilegeEscalation is true always when the container is:
1) run as Privileged
2) has CAP_SYS_ADMIN
Note that this field cannot be set when spec.os.name is windows.|| +|**appArmorProfile**|[PkgCrossplaneIoV1alpha1ControllerConfigSpecSecurityContextAppArmorProfile](#pkgcrossplaneiov1alpha1controllerconfigspecsecuritycontextapparmorprofile)|app armor profile|| |**capabilities**|[PkgCrossplaneIoV1alpha1ControllerConfigSpecSecurityContextCapabilities](#pkgcrossplaneiov1alpha1controllerconfigspecsecuritycontextcapabilities)|capabilities|| |**privileged**|bool|Run container in privileged mode.
Processes in privileged containers are essentially equivalent to root on the host.
Defaults to false.
Note that this field cannot be set when spec.os.name is windows.|| |**procMount**|str|procMount denotes the type of proc mount to use for the containers.
The default is DefaultProcMount which uses the container runtime defaults for
readonly paths and masked paths.
This requires the ProcMountType feature flag to be enabled.
Note that this field cannot be set when spec.os.name is windows.|| @@ -3719,6 +3617,16 @@ SecurityContext holds container-level security attributes and common container s |**seLinuxOptions**|[PkgCrossplaneIoV1alpha1ControllerConfigSpecSecurityContextSeLinuxOptions](#pkgcrossplaneiov1alpha1controllerconfigspecsecuritycontextselinuxoptions)|se linux options|| |**seccompProfile**|[PkgCrossplaneIoV1alpha1ControllerConfigSpecSecurityContextSeccompProfile](#pkgcrossplaneiov1alpha1controllerconfigspecsecuritycontextseccompprofile)|seccomp profile|| |**windowsOptions**|[PkgCrossplaneIoV1alpha1ControllerConfigSpecSecurityContextWindowsOptions](#pkgcrossplaneiov1alpha1controllerconfigspecsecuritycontextwindowsoptions)|windows options|| +### PkgCrossplaneIoV1alpha1ControllerConfigSpecSecurityContextAppArmorProfile + +appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**localhostProfile**|str|localhostProfile indicates a profile loaded on the node that should be used.
The profile must be preconfigured on the node to work.
Must match the loaded name of the profile.
Must be set if and only if type is "Localhost".|| +|**type** `required`|str||| ### PkgCrossplaneIoV1alpha1ControllerConfigSpecSecurityContextCapabilities The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. @@ -3785,9 +3693,10 @@ VolumeMount describes a mounting of a Volume within a container. | name | type | description | default value | | --- | --- | --- | --- | |**mountPath** `required`|str|Path within the container at which the volume should be mounted. Must
not contain ':'.|| -|**mountPropagation**|str|mountPropagation determines how mounts are propagated from the host
to container and the other way around.
When not set, MountPropagationNone is used.
This field is beta in 1.10.|| +|**mountPropagation**|str|mountPropagation determines how mounts are propagated from the host
to container and the other way around.
When not set, MountPropagationNone is used.
This field is beta in 1.10.
When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified
(which defaults to None).|| |**name** `required`|str|This must match the Name of a Volume.|| |**readOnly**|bool|Mounted read-only if true, read-write otherwise (false or unspecified).
Defaults to false.|| +|**recursiveReadOnly**|str|RecursiveReadOnly specifies whether read-only mounts should be handled
recursively.

If ReadOnly is false, this field has no meaning and must be unspecified.

If ReadOnly is true, and this field is set to Disabled, the mount is not made
recursively read-only. If this field is set to IfPossible, the mount is made
recursively read-only, if it is supported by the container runtime. If this
field is set to Enabled, the mount is made recursively read-only if it is
supported by the container runtime, otherwise the pod will not be started and
an error will be generated to indicate the reason.

If this field is set to IfPossible or Enabled, MountPropagation must be set to
None (or be unspecified, which defaults to None).

If this field is not specified, it is treated as an equivalent of Disabled.|| |**subPath**|str|Path within the volume from which the container's volume should be mounted.
Defaults to "" (volume's root).|| |**subPathExpr**|str|Expanded path within the volume from which the container's volume should be mounted.
Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
Defaults to "" (volume's root).
SubPathExpr and SubPath are mutually exclusive.|| ### PkgCrossplaneIoV1alpha1ControllerConfigSpecVolumesItems0 @@ -3978,7 +3887,7 @@ DownwardAPIVolumeFile represents information to create the file containing the p |**resourceFieldRef**|[PkgCrossplaneIoV1alpha1ControllerConfigSpecVolumesItems0DownwardAPIItemsItems0ResourceFieldRef](#pkgcrossplaneiov1alpha1controllerconfigspecvolumesitems0downwardapiitemsitems0resourcefieldref)|resource field ref|| ### PkgCrossplaneIoV1alpha1ControllerConfigSpecVolumesItems0DownwardAPIItemsItems0FieldRef -Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #### Attributes @@ -4053,7 +3962,7 @@ The specification for the PersistentVolumeClaim. The entire content is copied un |**resources**|[PkgCrossplaneIoV1alpha1ControllerConfigSpecVolumesItems0EphemeralVolumeClaimTemplateSpecResources](#pkgcrossplaneiov1alpha1controllerconfigspecvolumesitems0ephemeralvolumeclaimtemplatespecresources)|resources|| |**selector**|[PkgCrossplaneIoV1alpha1ControllerConfigSpecVolumesItems0EphemeralVolumeClaimTemplateSpecSelector](#pkgcrossplaneiov1alpha1controllerconfigspecvolumesitems0ephemeralvolumeclaimtemplatespecselector)|selector|| |**storageClassName**|str|storageClassName is the name of the StorageClass required by the claim.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1|| -|**volumeAttributesClassName**|str|volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.
If specified, the CSI driver will create or update the volume with the attributes defined
in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,
it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass
will be applied to the claim but it's not allowed to reset this field to empty string once it is set.
If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass
will be set by the persistentvolume controller if it exists.
If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be
set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource
exists.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass
(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.|| +|**volumeAttributesClassName**|str|volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.
If specified, the CSI driver will create or update the volume with the attributes defined
in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,
it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass
will be applied to the claim but it's not allowed to reset this field to empty string once it is set.
If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass
will be set by the persistentvolume controller if it exists.
If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be
set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource
exists.
More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/
(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.|| |**volumeMode**|str|volumeMode defines what type of volume is required by the claim.
Value of Filesystem is implied when not included in claim spec.|| |**volumeName**|str|volumeName is the binding reference to the PersistentVolume backing this claim.|| ### PkgCrossplaneIoV1alpha1ControllerConfigSpecVolumesItems0EphemeralVolumeClaimTemplateSpecDataSource @@ -4371,7 +4280,7 @@ DownwardAPIVolumeFile represents information to create the file containing the p |**resourceFieldRef**|[PkgCrossplaneIoV1alpha1ControllerConfigSpecVolumesItems0ProjectedSourcesItems0DownwardAPIItemsItems0ResourceFieldRef](#pkgcrossplaneiov1alpha1controllerconfigspecvolumesitems0projectedsourcesitems0downwardapiitemsitems0resourcefieldref)|resource field ref|| ### PkgCrossplaneIoV1alpha1ControllerConfigSpecVolumesItems0ProjectedSourcesItems0DownwardAPIItemsItems0FieldRef -Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #### Attributes @@ -4546,19 +4455,6 @@ vsphereVolume represents a vSphere volume attached and mounted on kubelets host |**storagePolicyID**|str|storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName.|| |**storagePolicyName**|str|storagePolicyName is the storage Policy Based Management (SPBM) profile name.|| |**volumePath** `required`|str|volumePath is the path that identifies vSphere volume vmdk|| -### ProviderConfig - -A ProviderConfig configures a Helm 'provider', i.e. a connection to a particular - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**apiVersion** `required` `readOnly`|"helm.crossplane.io/v1alpha1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"helm.crossplane.io/v1alpha1"| -|**kind** `required` `readOnly`|"ProviderConfig"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"ProviderConfig"| -|**metadata**|[ObjectMeta](#objectmeta)|metadata|| -|**spec** `required`|[HelmCrossplaneIoV1alpha1ProviderConfigSpec](#helmcrossplaneiov1alpha1providerconfigspec)|spec|| -|**status**|[HelmCrossplaneIoV1alpha1ProviderConfigStatus](#helmcrossplaneiov1alpha1providerconfigstatus)|status|| ### SecretsCrossplaneIoV1alpha1StoreConfigSpec A StoreConfigSpec defines the desired state of a StoreConfig. @@ -4644,7 +4540,7 @@ ConfigRef contains store config reference info. |**name** `required`|str|Name of the referenced config.|| ### StoreConfig -A StoreConfig configures how Crossplane controllers should store connection details. +A StoreConfig configures how Crossplane controllers should store connection details in an external secret store. #### Attributes @@ -4656,7 +4552,7 @@ A StoreConfig configures how Crossplane controllers should store connection deta |**spec** `required`|[SecretsCrossplaneIoV1alpha1StoreConfigSpec](#secretscrossplaneiov1alpha1storeconfigspec)|spec|| ### Usage -A Usage defines a deletion blocking relationship between two resources. +A Usage defines a deletion blocking relationship between two resources. Usages prevent accidental deletion of a single resource or deletion of resources with dependent resources. Read the Crossplane documentation for [more information about Compositions](https://docs.crossplane.io/latest/concepts/usages). #### Attributes @@ -4669,7 +4565,7 @@ A Usage defines a deletion blocking relationship between two resources. |**status**|[ApiextensionsCrossplaneIoV1alpha1UsageStatus](#apiextensionscrossplaneiov1alpha1usagestatus)|status|| ### DeploymentRuntimeConfig -A DeploymentRuntimeConfig is used to configure the package runtime when the package uses a runtime and the package manager is running with --package-runtime=Deployment (the default). See the following design doc for more details:https://github.com/crossplane/crossplane/blob/91edeae3fcac96c6c8a1759a723981eea4bb77e4/design/one-pager-package-runtime-config.md#migration-from-controllerconfig +The DeploymentRuntimeConfig provides settings for the Kubernetes Deployment of a Provider or composition function package. Read the Crossplane documentation for [more information about DeploymentRuntimeConfigs](https://docs.crossplane.io/latest/concepts/providers/#runtime-configuration). #### Attributes @@ -4679,32 +4575,6 @@ A DeploymentRuntimeConfig is used to configure the package runtime when the pack |**kind** `required` `readOnly`|"DeploymentRuntimeConfig"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"DeploymentRuntimeConfig"| |**metadata**|[ObjectMeta](#objectmeta)|metadata|| |**spec**|[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpec](#pkgcrossplaneiov1beta1deploymentruntimeconfigspec)|spec|| -### Function - -Function is the CRD type for a request to deploy a long-running Function. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**apiVersion** `required` `readOnly`|"pkg.crossplane.io/v1beta1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"pkg.crossplane.io/v1beta1"| -|**kind** `required` `readOnly`|"Function"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"Function"| -|**metadata**|[ObjectMeta](#objectmeta)|metadata|| -|**spec**|[PkgCrossplaneIoV1beta1FunctionSpec](#pkgcrossplaneiov1beta1functionspec)|spec|| -|**status**|[PkgCrossplaneIoV1beta1FunctionStatus](#pkgcrossplaneiov1beta1functionstatus)|status|| -### FunctionRevision - -A FunctionRevision that has been added to Crossplane. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**apiVersion** `required` `readOnly`|"pkg.crossplane.io/v1beta1"|APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources|"pkg.crossplane.io/v1beta1"| -|**kind** `required` `readOnly`|"FunctionRevision"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"FunctionRevision"| -|**metadata**|[ObjectMeta](#objectmeta)|metadata|| -|**spec**|[PkgCrossplaneIoV1beta1FunctionRevisionSpec](#pkgcrossplaneiov1beta1functionrevisionspec)|spec|| -|**status**|[PkgCrossplaneIoV1beta1FunctionRevisionStatus](#pkgcrossplaneiov1beta1functionrevisionstatus)|status|| ### Lock Lock is the CRD type that tracks package dependencies. @@ -4717,38 +4587,6 @@ Lock is the CRD type that tracks package dependencies. |**kind** `required` `readOnly`|"Lock"|Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds|"Lock"| |**metadata**|[ObjectMeta](#objectmeta)|metadata|| |**packages**|[[PkgCrossplaneIoV1beta1LockPackagesItems0](#pkgcrossplaneiov1beta1lockpackagesitems0)]|packages|| -### MetaPkgCrossplaneIoV1beta1FunctionSpec - -FunctionSpec specifies the configuration of a Function. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**crossplane**|[MetaPkgCrossplaneIoV1beta1FunctionSpecCrossplane](#metapkgcrossplaneiov1beta1functionspeccrossplane)|crossplane|| -|**dependsOn**|[[MetaPkgCrossplaneIoV1beta1FunctionSpecDependsOnItems0](#metapkgcrossplaneiov1beta1functionspecdependsonitems0)]|Dependencies on other packages.|| -|**image**|str|Image is the packaged Function image.|| -### MetaPkgCrossplaneIoV1beta1FunctionSpecCrossplane - -Semantic version constraints of Crossplane that package is compatible with. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**version** `required`|str|Semantic version constraints of Crossplane that package is compatible with.|| -### MetaPkgCrossplaneIoV1beta1FunctionSpecDependsOnItems0 - -Dependency is a dependency on another package. One of Provider or Configuration may be supplied. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**configuration**|str|Configuration is the name of a Configuration package image.|| -|**function**|str|Function is the name of a Function package image.|| -|**provider**|str|Provider is the name of a Provider package image.|| -|**version** `required`|str|Version is the semantic version constraints of the dependency image.|| ### PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpec DeploymentRuntimeConfigSpec specifies the configuration for a packaged controller. Values provided will override package manager defaults. Labels and annotations are passed to both the controller Deployment and ServiceAccount. @@ -4778,8 +4616,8 @@ Metadata contains the configurable metadata fields for the Deployment. | name | type | description | default value | | --- | --- | --- | --- | -|**annotations**|{str:str}|Annotations is an unstructured key value map stored with a resource that
may be set by external tools to store and retrieve arbitrary metadata.
They are not queryable and should be preserved when modifying objects.
More info: http://kubernetes.io/docs/user-guide/annotations|| -|**labels**|{str:str}|Map of string keys and values that can be used to organize and categorize
(scope and select) objects. Labels will be merged with internal labels
used by crossplane, and labels with a crossplane.io key might be
overwritten.
More info: http://kubernetes.io/docs/user-guide/labels|| +|**annotations**|{str:str}|Annotations is an unstructured key value map stored with a resource that
may be set by external tools to store and retrieve arbitrary metadata.
They are not queryable and should be preserved when modifying objects.
More info: http:https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/|| +|**labels**|{str:str}|Map of string keys and values that can be used to organize and categorize
(scope and select) objects. Labels will be merged with internal labels
used by crossplane, and labels with a crossplane.io key might be
overwritten.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/|| |**name**|str|Name is the name of the object.|| ### PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpec @@ -4877,7 +4715,7 @@ Specification of the desired behavior of the pod. More info: https://git.k8s.io/ |**dnsPolicy**|str|Set DNS policy for the pod.
Defaults to "ClusterFirst".
Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'.
DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy.
To have DNS options set along with hostNetwork, you have to specify DNS policy
explicitly to 'ClusterFirstWithHostNet'.|| |**enableServiceLinks**|bool|EnableServiceLinks indicates whether information about services should be injected into pod's
environment variables, matching the syntax of Docker links.
Optional: Defaults to true.|| |**ephemeralContainers**|[[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecEphemeralContainersItems0](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecephemeralcontainersitems0)]|List of ephemeral containers run in this pod. Ephemeral containers may be run in an existing
pod to perform user-initiated actions such as debugging. This list cannot be specified when
creating a pod, and it cannot be modified by updating the pod spec. In order to add an
ephemeral container to an existing pod, use the pod's ephemeralcontainers subresource.|| -|**hostAliases**|[[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecHostAliasesItems0](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespechostaliasesitems0)]|HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts
file if specified. This is only valid for non-hostNetwork pods.|| +|**hostAliases**|[[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecHostAliasesItems0](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespechostaliasesitems0)]|HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts
file if specified.|| |**hostIPC**|bool|Use the host's ipc namespace.
Optional: Default to false.|| |**hostNetwork**|bool|Host networking requested for this pod. Use the host's network namespace.
If this option is set, the ports that will be used must be specified.
Default to false.|| |**hostPID**|bool|Use the host's pid namespace.
Optional: Default to false.|| @@ -4897,9 +4735,9 @@ Specification of the desired behavior of the pod. More info: https://git.k8s.io/ |**restartPolicy**|str|Restart policy for all containers within the pod.
One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted.
Default to Always.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy|| |**runtimeClassName**|str|RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used
to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run.
If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an
empty definition that uses the default runtime handler.
More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class|| |**schedulerName**|str|If specified, the pod will be dispatched by specified scheduler.
If not specified, the pod will be dispatched by default scheduler.|| -|**schedulingGates**|[[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecSchedulingGatesItems0](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecschedulinggatesitems0)]|SchedulingGates is an opaque list of values that if specified will block scheduling the pod.
If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the
scheduler will not attempt to schedule the pod.

SchedulingGates can only be set at pod creation time, and be removed only afterwards.

This is a beta feature enabled by the PodSchedulingReadiness feature gate.|| +|**schedulingGates**|[[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecSchedulingGatesItems0](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecschedulinggatesitems0)]|SchedulingGates is an opaque list of values that if specified will block scheduling the pod.
If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the
scheduler will not attempt to schedule the pod.

SchedulingGates can only be set at pod creation time, and be removed only afterwards.|| |**securityContext**|[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecSecurityContext](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecsecuritycontext)|security context|| -|**serviceAccount**|str|DeprecatedServiceAccount is a depreciated alias for ServiceAccountName.
Deprecated: Use serviceAccountName instead.|| +|**serviceAccount**|str|DeprecatedServiceAccount is a deprecated alias for ServiceAccountName.
Deprecated: Use serviceAccountName instead.|| |**serviceAccountName**|str|ServiceAccountName is the name of the ServiceAccount to use to run this pod.
More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/|| |**setHostnameAsFQDN**|bool|If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default).
In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname).
In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters to FQDN.
If a pod does not have FQDN, this has no effect.
Default to false.|| |**shareProcessNamespace**|bool|Share a single process namespace between all of the containers in a pod.
When this is set containers will be able to view and signal processes from other containers
in the same pod, and the first process in each container will not be assigned PID 1.
HostPID and ShareProcessNamespace cannot both be set.
Optional: Default to false.|| @@ -5041,8 +4879,8 @@ Required. A pod affinity term, associated with the corresponding weight. | name | type | description | default value | | --- | --- | --- | --- | |**labelSelector**|[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermlabelselector)|label selector|| -|**matchLabelKeys**|[str]|MatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.
Also, MatchLabelKeys cannot be set when LabelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.|| -|**mismatchLabelKeys**|[str]|MismatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.
Also, MismatchLabelKeys cannot be set when LabelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.|| +|**matchLabelKeys**|[str]|MatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.|| +|**mismatchLabelKeys**|[str]|MismatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.|| |**namespaceSelector**|[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecaffinitypodaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermnamespaceselector)|namespace selector|| |**namespaces**|[str]|namespaces specifies a static list of namespace names that the term applies to.
The term is applied to the union of the namespaces listed in this field
and the ones selected by namespaceSelector.
null or empty namespaces list and null namespaceSelector means "this pod's namespace".|| |**topologyKey** `required`|str|This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
the labelSelector in the specified namespaces, where co-located is defined as running on a node
whose value of the label with key topologyKey matches that of any node on which any of the
selected pods is running.
Empty topologyKey is not allowed.|| @@ -5097,8 +4935,8 @@ Defines a set of pods (namely those matching the labelSelector relative to the g | name | type | description | default value | | --- | --- | --- | --- | |**labelSelector**|[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0labelselector)|label selector|| -|**matchLabelKeys**|[str]|MatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.
Also, MatchLabelKeys cannot be set when LabelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.|| -|**mismatchLabelKeys**|[str]|MismatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.
Also, MismatchLabelKeys cannot be set when LabelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.|| +|**matchLabelKeys**|[str]|MatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.|| +|**mismatchLabelKeys**|[str]|MismatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.|| |**namespaceSelector**|[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecaffinitypodaffinityrequiredduringschedulingignoredduringexecutionitems0namespaceselector)|namespace selector|| |**namespaces**|[str]|namespaces specifies a static list of namespace names that the term applies to.
The term is applied to the union of the namespaces listed in this field
and the ones selected by namespaceSelector.
null or empty namespaces list and null namespaceSelector means "this pod's namespace".|| |**topologyKey** `required`|str|This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
the labelSelector in the specified namespaces, where co-located is defined as running on a node
whose value of the label with key topologyKey matches that of any node on which any of the
selected pods is running.
Empty topologyKey is not allowed.|| @@ -5173,8 +5011,8 @@ Required. A pod affinity term, associated with the corresponding weight. | name | type | description | default value | | --- | --- | --- | --- | |**labelSelector**|[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermLabelSelector](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermlabelselector)|label selector|| -|**matchLabelKeys**|[str]|MatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.
Also, MatchLabelKeys cannot be set when LabelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.|| -|**mismatchLabelKeys**|[str]|MismatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.
Also, MismatchLabelKeys cannot be set when LabelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.|| +|**matchLabelKeys**|[str]|MatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.|| +|**mismatchLabelKeys**|[str]|MismatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.|| |**namespaceSelector**|[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecaffinitypodantiaffinitypreferredduringschedulingignoredduringexecutionitems0podaffinitytermnamespaceselector)|namespace selector|| |**namespaces**|[str]|namespaces specifies a static list of namespace names that the term applies to.
The term is applied to the union of the namespaces listed in this field
and the ones selected by namespaceSelector.
null or empty namespaces list and null namespaceSelector means "this pod's namespace".|| |**topologyKey** `required`|str|This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
the labelSelector in the specified namespaces, where co-located is defined as running on a node
whose value of the label with key topologyKey matches that of any node on which any of the
selected pods is running.
Empty topologyKey is not allowed.|| @@ -5229,8 +5067,8 @@ Defines a set of pods (namely those matching the labelSelector relative to the g | name | type | description | default value | | --- | --- | --- | --- | |**labelSelector**|[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0LabelSelector](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0labelselector)|label selector|| -|**matchLabelKeys**|[str]|MatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.
Also, MatchLabelKeys cannot be set when LabelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.|| -|**mismatchLabelKeys**|[str]|MismatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.
Also, MismatchLabelKeys cannot be set when LabelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.|| +|**matchLabelKeys**|[str]|MatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both matchLabelKeys and labelSelector.
Also, matchLabelKeys cannot be set when labelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.|| +|**mismatchLabelKeys**|[str]|MismatchLabelKeys is a set of pod label keys to select which pods will
be taken into consideration. The keys are used to lookup values from the
incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`
to select the group of existing pods which pods will be taken into consideration
for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming
pod labels will be ignored. The default value is empty.
The same key is forbidden to exist in both mismatchLabelKeys and labelSelector.
Also, mismatchLabelKeys cannot be set when labelSelector isn't set.
This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.|| |**namespaceSelector**|[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecaffinitypodantiaffinityrequiredduringschedulingignoredduringexecutionitems0namespaceselector)|namespace selector|| |**namespaces**|[str]|namespaces specifies a static list of namespace names that the term applies to.
The term is applied to the union of the namespaces listed in this field
and the ones selected by namespaceSelector.
null or empty namespaces list and null namespaceSelector means "this pod's namespace".|| |**topologyKey** `required`|str|This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching
the labelSelector in the specified namespaces, where co-located is defined as running on a node
whose value of the label with key topologyKey matches that of any node on which any of the
selected pods is running.
Empty topologyKey is not allowed.|| @@ -5733,6 +5571,7 @@ SecurityContext defines the security options the container should be run with. I | name | type | description | default value | | --- | --- | --- | --- | |**allowPrivilegeEscalation**|bool|AllowPrivilegeEscalation controls whether a process can gain more
privileges than its parent process. This bool directly controls if
the no_new_privs flag will be set on the container process.
AllowPrivilegeEscalation is true always when the container is:
1) run as Privileged
2) has CAP_SYS_ADMIN
Note that this field cannot be set when spec.os.name is windows.|| +|**appArmorProfile**|[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecContainersItems0SecurityContextAppArmorProfile](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespeccontainersitems0securitycontextapparmorprofile)|app armor profile|| |**capabilities**|[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecContainersItems0SecurityContextCapabilities](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespeccontainersitems0securitycontextcapabilities)|capabilities|| |**privileged**|bool|Run container in privileged mode.
Processes in privileged containers are essentially equivalent to root on the host.
Defaults to false.
Note that this field cannot be set when spec.os.name is windows.|| |**procMount**|str|procMount denotes the type of proc mount to use for the containers.
The default is DefaultProcMount which uses the container runtime defaults for
readonly paths and masked paths.
This requires the ProcMountType feature flag to be enabled.
Note that this field cannot be set when spec.os.name is windows.|| @@ -5743,6 +5582,16 @@ SecurityContext defines the security options the container should be run with. I |**seLinuxOptions**|[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecContainersItems0SecurityContextSeLinuxOptions](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespeccontainersitems0securitycontextselinuxoptions)|se linux options|| |**seccompProfile**|[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecContainersItems0SecurityContextSeccompProfile](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespeccontainersitems0securitycontextseccompprofile)|seccomp profile|| |**windowsOptions**|[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecContainersItems0SecurityContextWindowsOptions](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespeccontainersitems0securitycontextwindowsoptions)|windows options|| +### PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecContainersItems0SecurityContextAppArmorProfile + +appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**localhostProfile**|str|localhostProfile indicates a profile loaded on the node that should be used.
The profile must be preconfigured on the node to work.
Must match the loaded name of the profile.
Must be set if and only if type is "Localhost".|| +|**type** `required`|str||| ### PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecContainersItems0SecurityContextCapabilities The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. @@ -5876,9 +5725,10 @@ VolumeMount describes a mounting of a Volume within a container. | name | type | description | default value | | --- | --- | --- | --- | |**mountPath** `required`|str|Path within the container at which the volume should be mounted. Must
not contain ':'.|| -|**mountPropagation**|str|mountPropagation determines how mounts are propagated from the host
to container and the other way around.
When not set, MountPropagationNone is used.
This field is beta in 1.10.|| +|**mountPropagation**|str|mountPropagation determines how mounts are propagated from the host
to container and the other way around.
When not set, MountPropagationNone is used.
This field is beta in 1.10.
When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified
(which defaults to None).|| |**name** `required`|str|This must match the Name of a Volume.|| |**readOnly**|bool|Mounted read-only if true, read-write otherwise (false or unspecified).
Defaults to false.|| +|**recursiveReadOnly**|str|RecursiveReadOnly specifies whether read-only mounts should be handled
recursively.

If ReadOnly is false, this field has no meaning and must be unspecified.

If ReadOnly is true, and this field is set to Disabled, the mount is not made
recursively read-only. If this field is set to IfPossible, the mount is made
recursively read-only, if it is supported by the container runtime. If this
field is set to Enabled, the mount is made recursively read-only if it is
supported by the container runtime, otherwise the pod will not be started and
an error will be generated to indicate the reason.

If this field is set to IfPossible or Enabled, MountPropagation must be set to
None (or be unspecified, which defaults to None).

If this field is not specified, it is treated as an equivalent of Disabled.|| |**subPath**|str|Path within the volume from which the container's volume should be mounted.
Defaults to "" (volume's root).|| |**subPathExpr**|str|Expanded path within the volume from which the container's volume should be mounted.
Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
Defaults to "" (volume's root).
SubPathExpr and SubPath are mutually exclusive.|| ### PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecDNSConfig @@ -6360,6 +6210,7 @@ Optional: SecurityContext defines the security options the ephemeral container s | name | type | description | default value | | --- | --- | --- | --- | |**allowPrivilegeEscalation**|bool|AllowPrivilegeEscalation controls whether a process can gain more
privileges than its parent process. This bool directly controls if
the no_new_privs flag will be set on the container process.
AllowPrivilegeEscalation is true always when the container is:
1) run as Privileged
2) has CAP_SYS_ADMIN
Note that this field cannot be set when spec.os.name is windows.|| +|**appArmorProfile**|[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecEphemeralContainersItems0SecurityContextAppArmorProfile](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecephemeralcontainersitems0securitycontextapparmorprofile)|app armor profile|| |**capabilities**|[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecEphemeralContainersItems0SecurityContextCapabilities](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecephemeralcontainersitems0securitycontextcapabilities)|capabilities|| |**privileged**|bool|Run container in privileged mode.
Processes in privileged containers are essentially equivalent to root on the host.
Defaults to false.
Note that this field cannot be set when spec.os.name is windows.|| |**procMount**|str|procMount denotes the type of proc mount to use for the containers.
The default is DefaultProcMount which uses the container runtime defaults for
readonly paths and masked paths.
This requires the ProcMountType feature flag to be enabled.
Note that this field cannot be set when spec.os.name is windows.|| @@ -6370,6 +6221,16 @@ Optional: SecurityContext defines the security options the ephemeral container s |**seLinuxOptions**|[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecEphemeralContainersItems0SecurityContextSeLinuxOptions](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecephemeralcontainersitems0securitycontextselinuxoptions)|se linux options|| |**seccompProfile**|[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecEphemeralContainersItems0SecurityContextSeccompProfile](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecephemeralcontainersitems0securitycontextseccompprofile)|seccomp profile|| |**windowsOptions**|[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecEphemeralContainersItems0SecurityContextWindowsOptions](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecephemeralcontainersitems0securitycontextwindowsoptions)|windows options|| +### PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecEphemeralContainersItems0SecurityContextAppArmorProfile + +appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**localhostProfile**|str|localhostProfile indicates a profile loaded on the node that should be used.
The profile must be preconfigured on the node to work.
Must match the loaded name of the profile.
Must be set if and only if type is "Localhost".|| +|**type** `required`|str||| ### PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecEphemeralContainersItems0SecurityContextCapabilities The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. @@ -6503,9 +6364,10 @@ VolumeMount describes a mounting of a Volume within a container. | name | type | description | default value | | --- | --- | --- | --- | |**mountPath** `required`|str|Path within the container at which the volume should be mounted. Must
not contain ':'.|| -|**mountPropagation**|str|mountPropagation determines how mounts are propagated from the host
to container and the other way around.
When not set, MountPropagationNone is used.
This field is beta in 1.10.|| +|**mountPropagation**|str|mountPropagation determines how mounts are propagated from the host
to container and the other way around.
When not set, MountPropagationNone is used.
This field is beta in 1.10.
When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified
(which defaults to None).|| |**name** `required`|str|This must match the Name of a Volume.|| |**readOnly**|bool|Mounted read-only if true, read-write otherwise (false or unspecified).
Defaults to false.|| +|**recursiveReadOnly**|str|RecursiveReadOnly specifies whether read-only mounts should be handled
recursively.

If ReadOnly is false, this field has no meaning and must be unspecified.

If ReadOnly is true, and this field is set to Disabled, the mount is not made
recursively read-only. If this field is set to IfPossible, the mount is made
recursively read-only, if it is supported by the container runtime. If this
field is set to Enabled, the mount is made recursively read-only if it is
supported by the container runtime, otherwise the pod will not be started and
an error will be generated to indicate the reason.

If this field is set to IfPossible or Enabled, MountPropagation must be set to
None (or be unspecified, which defaults to None).

If this field is not specified, it is treated as an equivalent of Disabled.|| |**subPath**|str|Path within the volume from which the container's volume should be mounted.
Defaults to "" (volume's root).|| |**subPathExpr**|str|Expanded path within the volume from which the container's volume should be mounted.
Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
Defaults to "" (volume's root).
SubPathExpr and SubPath are mutually exclusive.|| ### PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecHostAliasesItems0 @@ -6517,7 +6379,7 @@ HostAlias holds the mapping between IP and hostnames that will be injected as an | name | type | description | default value | | --- | --- | --- | --- | |**hostnames**|[str]|Hostnames for the above IP address.|| -|**ip**|str|IP address of the host file entry.|| +|**ip** `required`|str|IP address of the host file entry.|| ### PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecImagePullSecretsItems0 LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. @@ -6526,7 +6388,7 @@ LocalObjectReference contains enough information to let you locate the reference | name | type | description | default value | | --- | --- | --- | --- | -|**name**|str|Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?|| +|**name** `required`|str|Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?|| ### PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecInitContainersItems0 A single application container that you want to run within a pod. @@ -6984,6 +6846,7 @@ SecurityContext defines the security options the container should be run with. I | name | type | description | default value | | --- | --- | --- | --- | |**allowPrivilegeEscalation**|bool|AllowPrivilegeEscalation controls whether a process can gain more
privileges than its parent process. This bool directly controls if
the no_new_privs flag will be set on the container process.
AllowPrivilegeEscalation is true always when the container is:
1) run as Privileged
2) has CAP_SYS_ADMIN
Note that this field cannot be set when spec.os.name is windows.|| +|**appArmorProfile**|[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecInitContainersItems0SecurityContextAppArmorProfile](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecinitcontainersitems0securitycontextapparmorprofile)|app armor profile|| |**capabilities**|[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecInitContainersItems0SecurityContextCapabilities](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecinitcontainersitems0securitycontextcapabilities)|capabilities|| |**privileged**|bool|Run container in privileged mode.
Processes in privileged containers are essentially equivalent to root on the host.
Defaults to false.
Note that this field cannot be set when spec.os.name is windows.|| |**procMount**|str|procMount denotes the type of proc mount to use for the containers.
The default is DefaultProcMount which uses the container runtime defaults for
readonly paths and masked paths.
This requires the ProcMountType feature flag to be enabled.
Note that this field cannot be set when spec.os.name is windows.|| @@ -6994,6 +6857,16 @@ SecurityContext defines the security options the container should be run with. I |**seLinuxOptions**|[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecInitContainersItems0SecurityContextSeLinuxOptions](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecinitcontainersitems0securitycontextselinuxoptions)|se linux options|| |**seccompProfile**|[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecInitContainersItems0SecurityContextSeccompProfile](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecinitcontainersitems0securitycontextseccompprofile)|seccomp profile|| |**windowsOptions**|[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecInitContainersItems0SecurityContextWindowsOptions](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecinitcontainersitems0securitycontextwindowsoptions)|windows options|| +### PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecInitContainersItems0SecurityContextAppArmorProfile + +appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**localhostProfile**|str|localhostProfile indicates a profile loaded on the node that should be used.
The profile must be preconfigured on the node to work.
Must match the loaded name of the profile.
Must be set if and only if type is "Localhost".|| +|**type** `required`|str||| ### PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecInitContainersItems0SecurityContextCapabilities The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. @@ -7127,14 +7000,15 @@ VolumeMount describes a mounting of a Volume within a container. | name | type | description | default value | | --- | --- | --- | --- | |**mountPath** `required`|str|Path within the container at which the volume should be mounted. Must
not contain ':'.|| -|**mountPropagation**|str|mountPropagation determines how mounts are propagated from the host
to container and the other way around.
When not set, MountPropagationNone is used.
This field is beta in 1.10.|| +|**mountPropagation**|str|mountPropagation determines how mounts are propagated from the host
to container and the other way around.
When not set, MountPropagationNone is used.
This field is beta in 1.10.
When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified
(which defaults to None).|| |**name** `required`|str|This must match the Name of a Volume.|| |**readOnly**|bool|Mounted read-only if true, read-write otherwise (false or unspecified).
Defaults to false.|| +|**recursiveReadOnly**|str|RecursiveReadOnly specifies whether read-only mounts should be handled
recursively.

If ReadOnly is false, this field has no meaning and must be unspecified.

If ReadOnly is true, and this field is set to Disabled, the mount is not made
recursively read-only. If this field is set to IfPossible, the mount is made
recursively read-only, if it is supported by the container runtime. If this
field is set to Enabled, the mount is made recursively read-only if it is
supported by the container runtime, otherwise the pod will not be started and
an error will be generated to indicate the reason.

If this field is set to IfPossible or Enabled, MountPropagation must be set to
None (or be unspecified, which defaults to None).

If this field is not specified, it is treated as an equivalent of Disabled.|| |**subPath**|str|Path within the volume from which the container's volume should be mounted.
Defaults to "" (volume's root).|| |**subPathExpr**|str|Expanded path within the volume from which the container's volume should be mounted.
Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.
Defaults to "" (volume's root).
SubPathExpr and SubPath are mutually exclusive.|| ### PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecOs -Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set. If the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions If the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup +Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set. If the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions If the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.appArmorProfile - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.appArmorProfile - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup #### Attributes @@ -7187,6 +7061,7 @@ SecurityContext holds pod-level security attributes and common container setting | name | type | description | default value | | --- | --- | --- | --- | +|**appArmorProfile**|[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecSecurityContextAppArmorProfile](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecsecuritycontextapparmorprofile)|app armor profile|| |**fsGroup**|int|A special supplemental group that applies to all containers in a pod.
Some volume types allow the Kubelet to change the ownership of that volume
to be owned by the pod:

1. The owning GID will be the FSGroup
2. The setgid bit is set (new files created in the volume will be owned by FSGroup)
3. The permission bits are OR'd with rw-rw----

If unset, the Kubelet will not modify the ownership and permissions of any volume.
Note that this field cannot be set when spec.os.name is windows.|| |**fsGroupChangePolicy**|str|fsGroupChangePolicy defines behavior of changing ownership and permission of the volume
before being exposed inside Pod. This field will only apply to
volume types which support fsGroup based ownership(and permissions).
It will have no effect on ephemeral volume types such as: secret, configmaps
and emptydir.
Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used.
Note that this field cannot be set when spec.os.name is windows.|| |**runAsGroup**|int|The GID to run the entrypoint of the container process.
Uses runtime default if unset.
May also be set in SecurityContext. If set in both SecurityContext and
PodSecurityContext, the value specified in SecurityContext takes precedence
for that container.
Note that this field cannot be set when spec.os.name is windows.|| @@ -7197,6 +7072,16 @@ SecurityContext holds pod-level security attributes and common container setting |**supplementalGroups**|[int]|A list of groups applied to the first process run in each container, in addition
to the container's primary GID, the fsGroup (if specified), and group memberships
defined in the container image for the uid of the container process. If unspecified,
no additional groups are added to any container. Note that group memberships
defined in the container image for the uid of the container process are still effective,
even if they are not included in this list.
Note that this field cannot be set when spec.os.name is windows.|| |**sysctls**|[[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecSecurityContextSysctlsItems0](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecsecuritycontextsysctlsitems0)]|Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported
sysctls (by the container runtime) might fail to launch.
Note that this field cannot be set when spec.os.name is windows.|| |**windowsOptions**|[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecSecurityContextWindowsOptions](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecsecuritycontextwindowsoptions)|windows options|| +### PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecSecurityContextAppArmorProfile + +appArmorProfile is the AppArmor options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. + +#### Attributes + +| name | type | description | default value | +| --- | --- | --- | --- | +|**localhostProfile**|str|localhostProfile indicates a profile loaded on the node that should be used.
The profile must be preconfigured on the node to work.
Must match the loaded name of the profile.
Must be set if and only if type is "Localhost".|| +|**type** `required`|str||| ### PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecSecurityContextSeLinuxOptions The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. @@ -7265,7 +7150,7 @@ TopologySpreadConstraint specifies how to spread matching pods among the given t |**labelSelector**|[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecTopologySpreadConstraintsItems0LabelSelector](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespectopologyspreadconstraintsitems0labelselector)|label selector|| |**matchLabelKeys**|[str]|MatchLabelKeys is a set of pod label keys to select the pods over which
spreading will be calculated. The keys are used to lookup values from the
incoming pod labels, those key-value labels are ANDed with labelSelector
to select the group of existing pods over which spreading will be calculated
for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.
MatchLabelKeys cannot be set when LabelSelector isn't set.
Keys that don't exist in the incoming pod labels will
be ignored. A null or empty list means only match against labelSelector.

This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default).|| |**maxSkew** `required`|int|MaxSkew describes the degree to which pods may be unevenly distributed.
When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference
between the number of matching pods in the target topology and the global minimum.
The global minimum is the minimum number of matching pods in an eligible domain
or zero if the number of eligible domains is less than MinDomains.
For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same
labelSelector spread as 2/2/1:
In this case, the global minimum is 1.
\| zone1 \| zone2 \| zone3 \|
\| P P \| P P \| P \|
- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;
scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)
violate MaxSkew(1).
- if MaxSkew is 2, incoming pod can be scheduled onto any zone.
When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence
to topologies that satisfy it.
It's a required field. Default value is 1 and 0 is not allowed.|| -|**minDomains**|int|MinDomains indicates a minimum number of eligible domains.
When the number of eligible domains with matching topology keys is less than minDomains,
Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed.
And when the number of eligible domains with matching topology keys equals or greater than minDomains,
this value has no effect on scheduling.
As a result, when the number of eligible domains is less than minDomains,
scheduler won't schedule more than maxSkew Pods to those domains.
If value is nil, the constraint behaves as if MinDomains is equal to 1.
Valid values are integers greater than 0.
When value is not nil, WhenUnsatisfiable must be DoNotSchedule.

For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same
labelSelector spread as 2/2/2:
\| zone1 \| zone2 \| zone3 \|
\| P P \| P P \| P P \|
The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0.
In this situation, new pod with the same labelSelector cannot be scheduled,
because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,
it will violate MaxSkew.

This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).|| +|**minDomains**|int|MinDomains indicates a minimum number of eligible domains.
When the number of eligible domains with matching topology keys is less than minDomains,
Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed.
And when the number of eligible domains with matching topology keys equals or greater than minDomains,
this value has no effect on scheduling.
As a result, when the number of eligible domains is less than minDomains,
scheduler won't schedule more than maxSkew Pods to those domains.
If value is nil, the constraint behaves as if MinDomains is equal to 1.
Valid values are integers greater than 0.
When value is not nil, WhenUnsatisfiable must be DoNotSchedule.

For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same
labelSelector spread as 2/2/2:
\| zone1 \| zone2 \| zone3 \|
\| P P \| P P \| P P \|
The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0.
In this situation, new pod with the same labelSelector cannot be scheduled,
because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,
it will violate MaxSkew.|| |**nodeAffinityPolicy**|str|NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector
when calculating pod topology spread skew. Options are:
- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.
- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.

If this value is nil, the behavior is equivalent to the Honor policy.
This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.|| |**nodeTaintsPolicy**|str|NodeTaintsPolicy indicates how we will treat node taints when calculating
pod topology spread skew. Options are:
- Honor: nodes without taints, along with tainted nodes for which the incoming pod
has a toleration, are included.
- Ignore: node taints are ignored. All nodes are included.

If this value is nil, the behavior is equivalent to the Ignore policy.
This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.|| |**topologyKey** `required`|str|TopologyKey is the key of node labels. Nodes that have a label with this key
and identical values are considered to be in the same topology.
We consider each as a "bucket", and try to put balanced number
of pods into each bucket.
We define a domain as a particular instance of a topology.
Also, we define an eligible domain as a domain whose nodes meet the requirements of
nodeAffinityPolicy and nodeTaintsPolicy.
e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology.
And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology.
It's a required field.|| @@ -7479,7 +7364,7 @@ DownwardAPIVolumeFile represents information to create the file containing the p |**resourceFieldRef**|[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecVolumesItems0DownwardAPIItemsItems0ResourceFieldRef](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecvolumesitems0downwardapiitemsitems0resourcefieldref)|resource field ref|| ### PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecVolumesItems0DownwardAPIItemsItems0FieldRef -Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #### Attributes @@ -7554,7 +7439,7 @@ The specification for the PersistentVolumeClaim. The entire content is copied un |**resources**|[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecVolumesItems0EphemeralVolumeClaimTemplateSpecResources](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecvolumesitems0ephemeralvolumeclaimtemplatespecresources)|resources|| |**selector**|[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecVolumesItems0EphemeralVolumeClaimTemplateSpecSelector](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecvolumesitems0ephemeralvolumeclaimtemplatespecselector)|selector|| |**storageClassName**|str|storageClassName is the name of the StorageClass required by the claim.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1|| -|**volumeAttributesClassName**|str|volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.
If specified, the CSI driver will create or update the volume with the attributes defined
in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,
it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass
will be applied to the claim but it's not allowed to reset this field to empty string once it is set.
If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass
will be set by the persistentvolume controller if it exists.
If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be
set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource
exists.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass
(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.|| +|**volumeAttributesClassName**|str|volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.
If specified, the CSI driver will create or update the volume with the attributes defined
in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,
it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass
will be applied to the claim but it's not allowed to reset this field to empty string once it is set.
If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass
will be set by the persistentvolume controller if it exists.
If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be
set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource
exists.
More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/
(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.|| |**volumeMode**|str|volumeMode defines what type of volume is required by the claim.
Value of Filesystem is implied when not included in claim spec.|| |**volumeName**|str|volumeName is the binding reference to the PersistentVolume backing this claim.|| ### PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecVolumesItems0EphemeralVolumeClaimTemplateSpecDataSource @@ -7872,7 +7757,7 @@ DownwardAPIVolumeFile represents information to create the file containing the p |**resourceFieldRef**|[PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecVolumesItems0ProjectedSourcesItems0DownwardAPIItemsItems0ResourceFieldRef](#pkgcrossplaneiov1beta1deploymentruntimeconfigspecdeploymenttemplatespectemplatespecvolumesitems0projectedsourcesitems0downwardapiitemsitems0resourcefieldref)|resource field ref|| ### PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecVolumesItems0ProjectedSourcesItems0DownwardAPIItemsItems0FieldRef -Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #### Attributes @@ -8064,8 +7949,8 @@ Metadata contains the configurable metadata fields for the ServiceAccount. | name | type | description | default value | | --- | --- | --- | --- | -|**annotations**|{str:str}|Annotations is an unstructured key value map stored with a resource that
may be set by external tools to store and retrieve arbitrary metadata.
They are not queryable and should be preserved when modifying objects.
More info: http://kubernetes.io/docs/user-guide/annotations|| -|**labels**|{str:str}|Map of string keys and values that can be used to organize and categorize
(scope and select) objects. Labels will be merged with internal labels
used by crossplane, and labels with a crossplane.io key might be
overwritten.
More info: http://kubernetes.io/docs/user-guide/labels|| +|**annotations**|{str:str}|Annotations is an unstructured key value map stored with a resource that
may be set by external tools to store and retrieve arbitrary metadata.
They are not queryable and should be preserved when modifying objects.
More info: http:https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/|| +|**labels**|{str:str}|Map of string keys and values that can be used to organize and categorize
(scope and select) objects. Labels will be merged with internal labels
used by crossplane, and labels with a crossplane.io key might be
overwritten.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/|| |**name**|str|Name is the name of the object.|| ### PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecServiceTemplate @@ -8084,182 +7969,9 @@ Metadata contains the configurable metadata fields for the Service. | name | type | description | default value | | --- | --- | --- | --- | -|**annotations**|{str:str}|Annotations is an unstructured key value map stored with a resource that
may be set by external tools to store and retrieve arbitrary metadata.
They are not queryable and should be preserved when modifying objects.
More info: http://kubernetes.io/docs/user-guide/annotations|| -|**labels**|{str:str}|Map of string keys and values that can be used to organize and categorize
(scope and select) objects. Labels will be merged with internal labels
used by crossplane, and labels with a crossplane.io key might be
overwritten.
More info: http://kubernetes.io/docs/user-guide/labels|| +|**annotations**|{str:str}|Annotations is an unstructured key value map stored with a resource that
may be set by external tools to store and retrieve arbitrary metadata.
They are not queryable and should be preserved when modifying objects.
More info: http:https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/|| +|**labels**|{str:str}|Map of string keys and values that can be used to organize and categorize
(scope and select) objects. Labels will be merged with internal labels
used by crossplane, and labels with a crossplane.io key might be
overwritten.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/|| |**name**|str|Name is the name of the object.|| -### PkgCrossplaneIoV1beta1FunctionRevisionSpec - -FunctionRevisionSpec specifies configuration for a FunctionRevision. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**commonLabels**|{str:str}|Map of string keys and values that can be used to organize and categorize
(scope and select) objects. May match selectors of replication controllers
and services.
More info: http://kubernetes.io/docs/user-guide/labels|| -|**controllerConfigRef**|[PkgCrossplaneIoV1beta1FunctionRevisionSpecControllerConfigRef](#pkgcrossplaneiov1beta1functionrevisionspeccontrollerconfigref)|controller config ref|| -|**desiredState** `required`|str|DesiredState of the PackageRevision. Can be either Active or Inactive.|| -|**ignoreCrossplaneConstraints**|bool|IgnoreCrossplaneConstraints indicates to the package manager whether to
honor Crossplane version constrains specified by the package.
Default is false.|False| -|**image** `required`|str|Package image used by install Pod to extract package contents.|| -|**packagePullPolicy**|str|PackagePullPolicy defines the pull policy for the package. It is also
applied to any images pulled for the package, such as a provider's
controller image.
Default is IfNotPresent.|"IfNotPresent"| -|**packagePullSecrets**|[[PkgCrossplaneIoV1beta1FunctionRevisionSpecPackagePullSecretsItems0](#pkgcrossplaneiov1beta1functionrevisionspecpackagepullsecretsitems0)]|PackagePullSecrets are named secrets in the same namespace that can be
used to fetch packages from private registries. They are also applied to
any images pulled for the package, such as a provider's controller image.|| -|**revision** `required`|int|Revision number. Indicates when the revision will be garbage collected
based on the parent's RevisionHistoryLimit.|| -|**runtimeConfigRef**|[PkgCrossplaneIoV1beta1FunctionRevisionSpecRuntimeConfigRef](#pkgcrossplaneiov1beta1functionrevisionspecruntimeconfigref)|runtime config ref|| -|**skipDependencyResolution**|bool|SkipDependencyResolution indicates to the package manager whether to skip
resolving dependencies for a package. Setting this value to true may have
unintended consequences.
Default is false.|False| -|**tlsClientSecretName**|str|TLSClientSecretName is the name of the TLS Secret that stores client
certificates of the Provider.|| -|**tlsServerSecretName**|str|TLSServerSecretName is the name of the TLS Secret that stores server
certificates of the Provider.|| -### PkgCrossplaneIoV1beta1FunctionRevisionSpecControllerConfigRef - -ControllerConfigRef references a ControllerConfig resource that will be used to configure the packaged controller Deployment. Deprecated: Use RuntimeConfigReference instead. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**name** `required`|str|Name of the ControllerConfig.|| -### PkgCrossplaneIoV1beta1FunctionRevisionSpecPackagePullSecretsItems0 - -LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**name**|str|Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?|| -### PkgCrossplaneIoV1beta1FunctionRevisionSpecRuntimeConfigRef - -RuntimeConfigRef references a RuntimeConfig resource that will be used to configure the package runtime. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**apiVersion**|str|API version of the referent.|"pkg.crossplane.io/v1beta1"| -|**kind**|str|Kind of the referent.|"DeploymentRuntimeConfig"| -|**name** `required`|str|Name of the RuntimeConfig.|| -### PkgCrossplaneIoV1beta1FunctionRevisionStatus - -FunctionRevisionStatus represents the observed state of a FunctionRevision. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**conditions**|[[PkgCrossplaneIoV1beta1FunctionRevisionStatusConditionsItems0](#pkgcrossplaneiov1beta1functionrevisionstatusconditionsitems0)]|Conditions of the resource.|| -|**endpoint**|str|Endpoint is the gRPC endpoint where Crossplane will send
RunFunctionRequests.|| -|**foundDependencies**|int|Dependency information.|| -|**installedDependencies**|int|installed dependencies|| -|**invalidDependencies**|int|invalid dependencies|| -|**objectRefs**|[[PkgCrossplaneIoV1beta1FunctionRevisionStatusObjectRefsItems0](#pkgcrossplaneiov1beta1functionrevisionstatusobjectrefsitems0)]|References to objects owned by PackageRevision.|| -|**permissionRequests**|[[PkgCrossplaneIoV1beta1FunctionRevisionStatusPermissionRequestsItems0](#pkgcrossplaneiov1beta1functionrevisionstatuspermissionrequestsitems0)]|PermissionRequests made by this package. The package declares that its
controller needs these permissions to run. The RBAC manager is
responsible for granting them.|| -### PkgCrossplaneIoV1beta1FunctionRevisionStatusConditionsItems0 - -A Condition that may apply to a resource. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**lastTransitionTime** `required`|str|LastTransitionTime is the last time this condition transitioned from one
status to another.|| -|**message**|str|A Message containing details about this condition's last transition from
one status to another, if any.|| -|**reason** `required`|str|A Reason for this condition's last transition from one status to another.|| -|**status** `required`|str|Status of this condition; is it currently True, False, or Unknown?|| -|**type** `required`|str||| -### PkgCrossplaneIoV1beta1FunctionRevisionStatusObjectRefsItems0 - -A TypedReference refers to an object by Name, Kind, and APIVersion. It is commonly used to reference cluster-scoped objects or objects where the namespace is already known. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**apiVersion** `required`|str|APIVersion of the referenced object.|| -|**kind** `required`|str|Kind of the referenced object.|| -|**name** `required`|str|Name of the referenced object.|| -|**uid**|str|UID of the referenced object.|| -### PkgCrossplaneIoV1beta1FunctionRevisionStatusPermissionRequestsItems0 - -PolicyRule holds information that describes a policy rule, but does not contain information about who the rule applies to or which namespace the rule applies to. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**apiGroups**|[str]|APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of
the enumerated resources in any API group will be allowed. "" represents the core API group and "*" represents all API groups.|| -|**nonResourceURLs**|[str]|NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path
Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding.
Rules can either apply to API resources (such as "pods" or "secrets") or non-resource URL paths (such as "/api"), but not both.|| -|**resourceNames**|[str]|ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed.|| -|**resources**|[str]|Resources is a list of resources this rule applies to. '*' represents all resources.|| -|**verbs** `required`|[str]|Verbs is a list of Verbs that apply to ALL the ResourceKinds contained in this rule. '*' represents all verbs.|| -### PkgCrossplaneIoV1beta1FunctionSpec - -FunctionSpec specifies the configuration of a Function. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**commonLabels**|{str:str}|Map of string keys and values that can be used to organize and categorize
(scope and select) objects. May match selectors of replication controllers
and services.
More info: http://kubernetes.io/docs/user-guide/labels|| -|**controllerConfigRef**|[PkgCrossplaneIoV1beta1FunctionSpecControllerConfigRef](#pkgcrossplaneiov1beta1functionspeccontrollerconfigref)|controller config ref|| -|**ignoreCrossplaneConstraints**|bool|IgnoreCrossplaneConstraints indicates to the package manager whether to
honor Crossplane version constrains specified by the package.
Default is false.|False| -|**package** `required`|str|Package is the name of the package that is being requested.|| -|**packagePullPolicy**|str|PackagePullPolicy defines the pull policy for the package.
Default is IfNotPresent.|"IfNotPresent"| -|**packagePullSecrets**|[[PkgCrossplaneIoV1beta1FunctionSpecPackagePullSecretsItems0](#pkgcrossplaneiov1beta1functionspecpackagepullsecretsitems0)]|PackagePullSecrets are named secrets in the same namespace that can be used
to fetch packages from private registries.|| -|**revisionActivationPolicy**|str|RevisionActivationPolicy specifies how the package controller should
update from one revision to the next. Options are Automatic or Manual.
Default is Automatic.|"Automatic"| -|**revisionHistoryLimit**|int|RevisionHistoryLimit dictates how the package controller cleans up old
inactive package revisions.
Defaults to 1. Can be disabled by explicitly setting to 0.|1| -|**runtimeConfigRef**|[PkgCrossplaneIoV1beta1FunctionSpecRuntimeConfigRef](#pkgcrossplaneiov1beta1functionspecruntimeconfigref)|runtime config ref|| -|**skipDependencyResolution**|bool|SkipDependencyResolution indicates to the package manager whether to skip
resolving dependencies for a package. Setting this value to true may have
unintended consequences.
Default is false.|False| -### PkgCrossplaneIoV1beta1FunctionSpecControllerConfigRef - -ControllerConfigRef references a ControllerConfig resource that will be used to configure the packaged controller Deployment. Deprecated: Use RuntimeConfigReference instead. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**name** `required`|str|Name of the ControllerConfig.|| -### PkgCrossplaneIoV1beta1FunctionSpecPackagePullSecretsItems0 - -LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**name**|str|Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?|| -### PkgCrossplaneIoV1beta1FunctionSpecRuntimeConfigRef - -RuntimeConfigRef references a RuntimeConfig resource that will be used to configure the package runtime. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**apiVersion**|str|API version of the referent.|"pkg.crossplane.io/v1beta1"| -|**kind**|str|Kind of the referent.|"DeploymentRuntimeConfig"| -|**name** `required`|str|Name of the RuntimeConfig.|| -### PkgCrossplaneIoV1beta1FunctionStatus - -FunctionStatus represents the observed state of a Function. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**conditions**|[[PkgCrossplaneIoV1beta1FunctionStatusConditionsItems0](#pkgcrossplaneiov1beta1functionstatusconditionsitems0)]|Conditions of the resource.|| -|**currentIdentifier**|str|CurrentIdentifier is the most recent package source that was used to
produce a revision. The package manager uses this field to determine
whether to check for package updates for a given source when
packagePullPolicy is set to IfNotPresent. Manually removing this field
will cause the package manager to check that the current revision is
correct for the given package source.|| -|**currentRevision**|str|CurrentRevision is the name of the current package revision. It will
reflect the most up to date revision, whether it has been activated or
not.|| -### PkgCrossplaneIoV1beta1FunctionStatusConditionsItems0 - -A Condition that may apply to a resource. - -#### Attributes - -| name | type | description | default value | -| --- | --- | --- | --- | -|**lastTransitionTime** `required`|str|LastTransitionTime is the last time this condition transitioned from one
status to another.|| -|**message**|str|A Message containing details about this condition's last transition from
one status to another, if any.|| -|**reason** `required`|str|A Reason for this condition's last transition from one status to another.|| -|**status** `required`|str|Status of this condition; is it currently True, False, or Unknown?|| -|**type** `required`|str||| ### PkgCrossplaneIoV1beta1LockPackagesItems0 LockPackage is a package that is in the lock. diff --git a/crossplane/crossplane@v1.16.0 b/crossplane/crds/crossplane.yaml similarity index 58% rename from crossplane/crossplane@v1.16.0 rename to crossplane/crds/crossplane.yaml index ea3abac1..fc78c28e 100644 --- a/crossplane/crossplane@v1.16.0 +++ b/crossplane/crds/crossplane.yaml @@ -1,11 +1,18 @@ --- + apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.14.0 + creationTimestamp: '2024-09-06T23:41:59Z' + generation: 1 name: compositeresourcedefinitions.apiextensions.crossplane.io + resourceVersion: '529' + uid: 4d14fab9-f62e-42c9-afb2-fd0c11c5207c spec: + conversion: + strategy: None group: apiextensions.crossplane.io names: categories: @@ -32,28 +39,40 @@ spec: name: v1 schema: openAPIV3Schema: - description: |- - A CompositeResourceDefinition defines the schema for a new custom Kubernetes + description: 'A CompositeResourceDefinition defines the schema for a new custom + Kubernetes + API. + Read the Crossplane documentation for - [more information about CustomResourceDefinitions](https://docs.crossplane.io/latest/concepts/composite-resource-definitions). + + [more information about CustomResourceDefinitions](https://docs.crossplane.io/latest/concepts/composite-resource-definitions).' properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and + description: 'APIVersion defines the versioned schema of this representation + of an object. + + Servers should convert recognized schemas to the latest internal value, + and + may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. + description: 'Kind is a string value representing the REST resource this + object represents. + + Servers may infer this from the endpoint the client submits requests + to. + Cannot be updated. + In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object @@ -62,48 +81,73 @@ spec: of the definition. properties: claimNames: - description: |- - ClaimNames specifies the names of an optional composite resource claim. + description: 'ClaimNames specifies the names of an optional composite + resource claim. + When claim names are specified Crossplane will create a namespaced - 'composite resource claim' CRD that corresponds to the defined composite - resource. This composite resource claim acts as a namespaced proxy for - the composite resource; creating, updating, or deleting the claim will - create, update, or delete a corresponding composite resource. You may add - claim names to an existing CompositeResourceDefinition, but they cannot - be changed or removed once they have been set. + + ''composite resource claim'' CRD that corresponds to the defined + composite + + resource. This composite resource claim acts as a namespaced proxy + for + + the composite resource; creating, updating, or deleting the claim + will + + create, update, or delete a corresponding composite resource. You + may add + + claim names to an existing CompositeResourceDefinition, but they + cannot + + be changed or removed once they have been set.' properties: categories: - description: |- - categories is a list of grouped resources this custom resource belongs to (e.g. 'all'). - This is published in API discovery documents, and used by clients to support invocations like - `kubectl get all`. + description: 'categories is a list of grouped resources this custom + resource belongs to (e.g. ''all''). + + This is published in API discovery documents, and used by clients + to support invocations like + + `kubectl get all`.' items: type: string type: array + x-kubernetes-list-type: atomic kind: - description: |- - kind is the serialized kind of the resource. It is normally CamelCase and singular. - Custom resource instances will use this value as the `kind` attribute in API calls. + description: 'kind is the serialized kind of the resource. It + is normally CamelCase and singular. + + Custom resource instances will use this value as the `kind` + attribute in API calls.' type: string listKind: description: listKind is the serialized kind of the list for this resource. Defaults to "`kind`List". type: string plural: - description: |- - plural is the plural name of the resource to serve. + description: 'plural is the plural name of the resource to serve. + The custom resources are served under `/apis///.../`. - Must match the name of the CustomResourceDefinition (in the form `.`). - Must be all lowercase. + + Must match the name of the CustomResourceDefinition (in the + form `.`). + + Must be all lowercase.' type: string shortNames: - description: |- - shortNames are short names for the resource, exposed in API discovery documents, - and used by clients to support invocations like `kubectl get `. - It must be all lowercase. + description: 'shortNames are short names for the resource, exposed + in API discovery documents, + + and used by clients to support invocations like `kubectl get + `. + + It must be all lowercase.' items: type: string type: array + x-kubernetes-list-type: atomic singular: description: singular is the singular name of the resource. It must be all lowercase. Defaults to lowercased `kind`. @@ -112,11 +156,16 @@ spec: - kind - plural type: object + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf connectionSecretKeys: - description: |- - ConnectionSecretKeys is the list of keys that will be exposed to the end + description: 'ConnectionSecretKeys is the list of keys that will be + exposed to the end + user of the defined kind. - If the list is empty, all keys will be published. + + If the list is empty, all keys will be published.' items: type: string type: array @@ -125,11 +174,13 @@ spec: Composite resource. properties: strategy: - description: |- - strategy specifies how custom resources are converted between versions. Allowed values are: - - `"None"`: The converter only change the apiVersion and would not touch any other field in the custom resource. - - `"Webhook"`: API Server will call to an external webhook to do the conversion. Additional information - is needed for this option. This requires spec.preserveUnknownFields to be false, and spec.conversion.webhook to be set. + description: "strategy specifies how custom resources are converted\ + \ between versions. Allowed values are:\n- `\"None\"`: The converter\ + \ only change the apiVersion and would not touch any other field\ + \ in the custom resource.\n- `\"Webhook\"`: API Server will\ + \ call to an external webhook to do the conversion. Additional\ + \ information\n is needed for this option. This requires spec.preserveUnknownFields\ + \ to be false, and spec.conversion.webhook to be set." type: string webhook: description: webhook describes how to call the conversion webhook. @@ -140,38 +191,45 @@ spec: the webhook if strategy is `Webhook`. properties: caBundle: - description: |- - caBundle is a PEM encoded CA bundle which will be used to validate the webhook's server certificate. - If unspecified, system trust roots on the apiserver are used. + description: 'caBundle is a PEM encoded CA bundle which + will be used to validate the webhook''s server certificate. + + If unspecified, system trust roots on the apiserver + are used.' format: byte type: string service: - description: |- - service is a reference to the service for this webhook. Either + description: 'service is a reference to the service for + this webhook. Either + service or url must be specified. - If the webhook is running within the cluster, then you should use `service`. + + If the webhook is running within the cluster, then you + should use `service`.' properties: name: - description: |- - name is the name of the service. - Required + description: 'name is the name of the service. + + Required' type: string namespace: - description: |- - namespace is the namespace of the service. - Required + description: 'namespace is the namespace of the service. + + Required' type: string path: description: path is an optional URL path at which the webhook will be contacted. type: string port: - description: |- - port is an optional service port at which the webhook will be contacted. + description: 'port is an optional service port at + which the webhook will be contacted. + `port` should be a valid port number (1-65535, inclusive). - Defaults to 443 for backward compatibility. + + Defaults to 443 for backward compatibility.' format: int32 type: integer required: @@ -179,50 +237,94 @@ spec: - namespace type: object url: - description: |- - url gives the location of the webhook, in standard URL form - (`scheme://host:port/path`). Exactly one of `url` or `service` + description: 'url gives the location of the webhook, in + standard URL form + + (`scheme://host:port/path`). Exactly one of `url` or + `service` + must be specified. - The `host` should not refer to a service running in the cluster; use - the `service` field instead. The host might be resolved via external - DNS in some apiservers (e.g., `kube-apiserver` cannot resolve - in-cluster DNS as that would be a layering violation). `host` may + + The `host` should not refer to a service running in + the cluster; use + + the `service` field instead. The host might be resolved + via external + + DNS in some apiservers (e.g., `kube-apiserver` cannot + resolve + + in-cluster DNS as that would be a layering violation). + `host` may + also be an IP address. - Please note that using `localhost` or `127.0.0.1` as a `host` is - risky unless you take great care to run this webhook on all hosts - which run an apiserver which might need to make calls to this - webhook. Such installs are likely to be non-portable, i.e., not easy + + Please note that using `localhost` or `127.0.0.1` as + a `host` is + + risky unless you take great care to run this webhook + on all hosts + + which run an apiserver which might need to make calls + to this + + webhook. Such installs are likely to be non-portable, + i.e., not easy + to turn up in a new cluster. - The scheme must be "https"; the URL must begin with "https://". + The scheme must be "https"; the URL must begin with + "https://". + + + + A path is optional, and if present may be any string + permissible in + + a URL. You may use the path to pass an arbitrary string + to the - A path is optional, and if present may be any string permissible in - a URL. You may use the path to pass an arbitrary string to the webhook, for example, a cluster identifier. - Attempting to use a user or basic auth e.g. "user:password@" is not - allowed. Fragments ("#...") and query parameters ("?...") are not - allowed, either. + + Attempting to use a user or basic auth e.g. "user:password@" + is not + + allowed. Fragments ("#...") and query parameters ("?...") + are not + + allowed, either.' type: string type: object conversionReviewVersions: - description: |- - conversionReviewVersions is an ordered list of preferred `ConversionReview` - versions the Webhook expects. The API server will use the first version in - the list which it supports. If none of the versions specified in this list - are supported by API server, conversion will fail for the custom resource. - If a persisted Webhook configuration specifies allowed versions and does not - include any versions known to the API Server, calls to the webhook will fail. + description: 'conversionReviewVersions is an ordered list + of preferred `ConversionReview` + + versions the Webhook expects. The API server will use the + first version in + + the list which it supports. If none of the versions specified + in this list + + are supported by API server, conversion will fail for the + custom resource. + + If a persisted Webhook configuration specifies allowed versions + and does not + + include any versions known to the API Server, calls to the + webhook will fail.' items: type: string type: array + x-kubernetes-list-type: atomic required: - conversionReviewVersions type: object @@ -231,17 +333,19 @@ spec: type: object defaultCompositeDeletePolicy: default: Background - description: |- - DefaultCompositeDeletePolicy is the policy used when deleting the Composite - that is associated with the Claim if no policy has been specified. + description: 'DefaultCompositeDeletePolicy is the policy used when + deleting the Composite + + that is associated with the Claim if no policy has been specified.' enum: - Background - Foreground type: string defaultCompositionRef: - description: |- - DefaultCompositionRef refers to the Composition resource that will be used - in case no composition selector is given. + description: 'DefaultCompositionRef refers to the Composition resource + that will be used + + in case no composition selector is given.' properties: name: description: Name of the Composition. @@ -251,17 +355,20 @@ spec: type: object defaultCompositionUpdatePolicy: default: Automatic - description: |- - DefaultCompositionUpdatePolicy is the policy used when updating composites after a new - Composition Revision has been created if no policy has been specified on the composite. + description: 'DefaultCompositionUpdatePolicy is the policy used when + updating composites after a new + + Composition Revision has been created if no policy has been specified + on the composite.' enum: - Automatic - Manual type: string enforcedCompositionRef: - description: |- - EnforcedCompositionRef refers to the Composition resource that will be used - by all composite instances whose schema is defined by this definition. + description: 'EnforcedCompositionRef refers to the Composition resource + that will be used + + by all composite instances whose schema is defined by this definition.' properties: name: description: Name of the Composition. @@ -269,12 +376,21 @@ spec: required: - name type: object + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf group: - description: |- - Group specifies the API group of the defined composite resource. - Composite resources are served under `/apis//...`. Must match the - name of the XRD (in the form `.`). + description: 'Group specifies the API group of the defined composite + resource. + + Composite resources are served under `/apis//...`. Must match + the + + name of the XRD (in the form `.`).' type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf metadata: description: Metadata specifies the desired metadata for the defined composite resource and claim CRD's. @@ -282,61 +398,86 @@ spec: annotations: additionalProperties: type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not + description: 'Annotations is an unstructured key value map stored + with a resource that may be + + set by external tools to store and retrieve arbitrary metadata. + They are not + queryable and should be preserved when modifying objects. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations' type: object labels: additionalProperties: type: string - description: |- - Map of string keys and values that can be used to organize and categorize - (scope and select) objects. May match selectors of replication controllers + description: 'Map of string keys and values that can be used to + organize and categorize + + (scope and select) objects. May match selectors of replication + controllers + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels + and services. - These labels are added to the composite resource and claim CRD's in addition - to any labels defined by `CompositionResourceDefinition` `metadata.labels`. + + These labels are added to the composite resource and claim CRD''s + in addition + + to any labels defined by `CompositionResourceDefinition` `metadata.labels`.' type: object type: object names: - description: |- - Names specifies the resource and kind names of the defined composite - resource. + description: 'Names specifies the resource and kind names of the defined + composite + + resource.' properties: categories: - description: |- - categories is a list of grouped resources this custom resource belongs to (e.g. 'all'). - This is published in API discovery documents, and used by clients to support invocations like - `kubectl get all`. + description: 'categories is a list of grouped resources this custom + resource belongs to (e.g. ''all''). + + This is published in API discovery documents, and used by clients + to support invocations like + + `kubectl get all`.' items: type: string type: array + x-kubernetes-list-type: atomic kind: - description: |- - kind is the serialized kind of the resource. It is normally CamelCase and singular. - Custom resource instances will use this value as the `kind` attribute in API calls. + description: 'kind is the serialized kind of the resource. It + is normally CamelCase and singular. + + Custom resource instances will use this value as the `kind` + attribute in API calls.' type: string listKind: description: listKind is the serialized kind of the list for this resource. Defaults to "`kind`List". type: string plural: - description: |- - plural is the plural name of the resource to serve. + description: 'plural is the plural name of the resource to serve. + The custom resources are served under `/apis///.../`. - Must match the name of the CustomResourceDefinition (in the form `.`). - Must be all lowercase. + + Must match the name of the CustomResourceDefinition (in the + form `.`). + + Must be all lowercase.' type: string shortNames: - description: |- - shortNames are short names for the resource, exposed in API discovery documents, - and used by clients to support invocations like `kubectl get `. - It must be all lowercase. + description: 'shortNames are short names for the resource, exposed + in API discovery documents, + + and used by clients to support invocations like `kubectl get + `. + + It must be all lowercase.' items: type: string type: array + x-kubernetes-list-type: atomic singular: description: singular is the singular name of the resource. It must be all lowercase. Defaults to lowercased `kind`. @@ -345,29 +486,54 @@ spec: - kind - plural type: object + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf versions: - description: |- - Versions is the list of all API versions of the defined composite + description: 'Versions is the list of all API versions of the defined + composite + resource. Version names are used to compute the order in which served + versions are listed in API discovery. If the version string is - "kube-like", it will sort above non "kube-like" version strings, which - are ordered lexicographically. "Kube-like" versions start with a "v", - then are followed by a number (the major version), then optionally the - string "alpha" or "beta" and another number (the minor version). These - are sorted first by GA > beta > alpha (where GA is a version with no - suffix such as beta or alpha), and then by comparing major version, then - minor version. An example sorted list of versions: v10, v2, v1, v11beta2, - v10beta3, v3beta1, v12alpha1, v11alpha2, foo1, foo10. + + "kube-like", it will sort above non "kube-like" version strings, + which + + are ordered lexicographically. "Kube-like" versions start with a + "v", + + then are followed by a number (the major version), then optionally + the + + string "alpha" or "beta" and another number (the minor version). + These + + are sorted first by GA > beta > alpha (where GA is a version with + no + + suffix such as beta or alpha), and then by comparing major version, + then + + minor version. An example sorted list of versions: v10, v2, v1, + v11beta2, + + v10beta3, v3beta1, v12alpha1, v11alpha2, foo1, foo10.' items: description: CompositeResourceDefinitionVersion describes a version of an XR. properties: additionalPrinterColumns: - description: |- - AdditionalPrinterColumns specifies additional columns returned in Table - output. If no columns are specified, a single column displaying the age - of the custom resource is used. See the following link for details: - https://kubernetes.io/docs/reference/using-api/api-concepts/#receiving-resources-as-tables + description: 'AdditionalPrinterColumns specifies additional + columns returned in Table + + output. If no columns are specified, a single column displaying + the age + + of the custom resource is used. See the following link for + details: + + https://kubernetes.io/docs/reference/using-api/api-concepts/#receiving-resources-as-tables' items: description: CustomResourceColumnDefinition specifies a column for server side printing. @@ -377,30 +543,40 @@ spec: of this column. type: string format: - description: |- - format is an optional OpenAPI type definition for this column. The 'name' format is applied - to the primary identifier column to assist in clients identifying column is the resource name. - See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types for details. + description: 'format is an optional OpenAPI type definition + for this column. The ''name'' format is applied + + to the primary identifier column to assist in clients + identifying column is the resource name. + + See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types + for details.' type: string jsonPath: - description: |- - jsonPath is a simple JSON path (i.e. with array notation) which is evaluated against - each custom resource to produce the value for this column. + description: 'jsonPath is a simple JSON path (i.e. with + array notation) which is evaluated against + + each custom resource to produce the value for this column.' type: string name: description: name is a human readable name for the column. type: string priority: - description: |- - priority is an integer defining the relative importance of this column compared to others. Lower - numbers are considered higher priority. Columns that may be omitted in limited space scenarios - should be given a priority greater than 0. + description: 'priority is an integer defining the relative + importance of this column compared to others. Lower + + numbers are considered higher priority. Columns that + may be omitted in limited space scenarios + + should be given a priority greater than 0.' format: int32 type: integer type: - description: |- - type is an OpenAPI type definition for this column. - See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types for details. + description: 'type is an OpenAPI type definition for this + column. + + See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types + for details.' type: string required: - jsonPath @@ -409,43 +585,63 @@ spec: type: object type: array deprecated: - description: |- - The deprecated field specifies that this version is deprecated and should - not be used. + description: 'The deprecated field specifies that this version + is deprecated and should + + not be used.' type: boolean deprecationWarning: - description: |- - DeprecationWarning specifies the message that should be shown to the user - when using this version. + description: 'DeprecationWarning specifies the message that + should be shown to the user + + when using this version.' maxLength: 256 type: string name: - description: |- - Name of this version, e.g. “v1”, “v2beta1”, etc. Composite resources are - served under this version at `/apis///...` if `served` is - true. + description: "Name of this version, e.g. \u201Cv1\u201D, \u201C\ + v2beta1\u201D, etc. Composite resources are\nserved under\ + \ this version at `/apis///...` if `served`\ + \ is\ntrue." type: string referenceable: - description: |- - Referenceable specifies that this version may be referenced by a - Composition in order to configure which resources an XR may be composed - of. Exactly one version must be marked as referenceable; all Compositions - must target only the referenceable version. The referenceable version - must be served. It's mapped to the CRD's `spec.versions[*].storage` field. + description: 'Referenceable specifies that this version may + be referenced by a + + Composition in order to configure which resources an XR may + be composed + + of. Exactly one version must be marked as referenceable; all + Compositions + + must target only the referenceable version. The referenceable + version + + must be served. It''s mapped to the CRD''s `spec.versions[*].storage` + field.' type: boolean schema: - description: |- - Schema describes the schema used for validation, pruning, and defaulting - of this version of the defined composite resource. Fields required by all - composite resources will be injected into this schema automatically, and - will override equivalently named fields in this schema. Omitting this - schema results in a schema that contains only the fields required by all - composite resources. + description: 'Schema describes the schema used for validation, + pruning, and defaulting + + of this version of the defined composite resource. Fields + required by all + + composite resources will be injected into this schema automatically, + and + + will override equivalently named fields in this schema. Omitting + this + + schema results in a schema that contains only the fields required + by all + + composite resources.' properties: openAPIV3Schema: - description: |- - OpenAPIV3Schema is the OpenAPI v3 schema to use for validation and - pruning. + description: 'OpenAPIV3Schema is the OpenAPI v3 schema to + use for validation and + + pruning.' type: object x-kubernetes-preserve-unknown-fields: true type: object @@ -474,21 +670,27 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: |- - LastTransitionTime is the last time this condition transitioned from one - status to another. + description: 'LastTransitionTime is the last time this condition + transitioned from one + + status to another.' format: date-time type: string message: - description: |- - A Message containing details about this condition's last transition from - one status to another, if any. + description: 'A Message containing details about this condition''s + last transition from + + one status to another, if any.' type: string observedGeneration: - description: |- - ObservedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. + description: 'ObservedGeneration represents the .metadata.generation + that the condition was set based upon. + + For instance, if .metadata.generation is currently 12, but + the .status.conditions[x].observedGeneration is 9, the condition + is out of date + + with respect to the current state of the instance.' format: int64 type: integer reason: @@ -500,9 +702,10 @@ spec: False, or Unknown? type: string type: - description: |- - Type of this condition. At most one of each condition type may apply to - a resource at any point in time. + description: 'Type of this condition. At most one of each condition + type may apply to + + a resource at any point in time.' type: string required: - lastTransitionTime @@ -515,17 +718,24 @@ spec: - type x-kubernetes-list-type: map controllers: - description: |- - Controllers represents the status of the controllers that power this - composite resource definition. + description: 'Controllers represents the status of the controllers + that power this + + composite resource definition.' properties: compositeResourceClaimType: - description: |- - The CompositeResourceClaimTypeRef is the type of composite resource claim - that Crossplane is currently reconciling for this definition. Its version - will eventually become consistent with the definition's referenceable - version. Note that clients may interact with any served type; this is - simply the type that Crossplane interacts with. + description: 'The CompositeResourceClaimTypeRef is the type of + composite resource claim + + that Crossplane is currently reconciling for this definition. + Its version + + will eventually become consistent with the definition''s referenceable + + version. Note that clients may interact with any served type; + this is + + simply the type that Crossplane interacts with.' properties: apiVersion: description: APIVersion of the type. @@ -538,12 +748,19 @@ spec: - kind type: object compositeResourceType: - description: |- - The CompositeResourceTypeRef is the type of composite resource that - Crossplane is currently reconciling for this definition. Its version will - eventually become consistent with the definition's referenceable version. - Note that clients may interact with any served type; this is simply the - type that Crossplane interacts with. + description: 'The CompositeResourceTypeRef is the type of composite + resource that + + Crossplane is currently reconciling for this definition. Its + version will + + eventually become consistent with the definition''s referenceable + version. + + Note that clients may interact with any served type; this is + simply the + + type that Crossplane interacts with.' properties: apiVersion: description: APIVersion of the type. @@ -562,14 +779,44 @@ spec: storage: true subresources: status: {} +status: + acceptedNames: + categories: + - crossplane + kind: CompositeResourceDefinition + listKind: CompositeResourceDefinitionList + plural: compositeresourcedefinitions + shortNames: + - xrd + - xrds + singular: compositeresourcedefinition + conditions: + - lastTransitionTime: '2024-09-06T23:41:59Z' + message: no conflicts found + reason: NoConflicts + status: 'True' + type: NamesAccepted + - lastTransitionTime: '2024-09-06T23:41:59Z' + message: the initial names have been accepted + reason: InitialNamesAccepted + status: 'True' + type: Established + storedVersions: + - v1 --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.14.0 + creationTimestamp: '2024-09-06T23:41:59Z' + generation: 1 name: compositionrevisions.apiextensions.crossplane.io + resourceVersion: '538' + uid: b88d41ab-db3e-470b-842b-3619c625cc43 spec: + conversion: + strategy: None group: apiextensions.crossplane.io names: categories: @@ -598,40 +845,54 @@ spec: name: v1 schema: openAPIV3Schema: - description: |- - A CompositionRevision represents a revision of a Composition. Crossplane + description: 'A CompositionRevision represents a revision of a Composition. + Crossplane + creates new revisions when there are changes to the Composition. - Crossplane creates and manages CompositionRevisions. Don't directly edit - CompositionRevisions. + + Crossplane creates and manages CompositionRevisions. Don''t directly edit + + CompositionRevisions.' properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and + description: 'APIVersion defines the versioned schema of this representation + of an object. + + Servers should convert recognized schemas to the latest internal value, + and + may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. + description: 'Kind is a string value representing the REST resource this + object represents. + + Servers may infer this from the endpoint the client submits requests + to. + Cannot be updated. + In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: |- - CompositionRevisionSpec specifies the desired state of the composition - revision. + description: 'CompositionRevisionSpec specifies the desired state of the + composition + + revision.' properties: compositeTypeRef: - description: |- - CompositeTypeRef specifies the type of composite resource that this - composition is compatible with. + description: 'CompositeTypeRef specifies the type of composite resource + that this + + composition is compatible with.' properties: apiVersion: description: APIVersion of the type. @@ -643,46 +904,67 @@ spec: - apiVersion - kind type: object + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf environment: - description: |- - Environment configures the environment in which resources are rendered. + description: 'Environment configures the environment in which resources + are rendered. + THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored - unless the relevant Crossplane feature flag is enabled, and may be - changed or removed without notice. + + unless the relevant Crossplane feature flag is enabled, and may + be + + changed or removed without notice.' properties: defaultData: additionalProperties: x-kubernetes-preserve-unknown-fields: true - description: |- - DefaultData statically defines the initial state of the environment. + description: 'DefaultData statically defines the initial state + of the environment. + It has the same schema-less structure as the data field in + environment configs. - It is overwritten by the selected environment configs. + + It is overwritten by the selected environment configs.' type: object environmentConfigs: - description: |- - EnvironmentConfigs selects a list of `EnvironmentConfig`s. The resolved + description: 'EnvironmentConfigs selects a list of `EnvironmentConfig`s. + The resolved + resources are stored in the composite resource at + `spec.environmentConfigRefs` and is only updated if it is null. - The list of references is used to compute an in-memory environment at - compose time. The data of all object is merged in the order they are - listed, meaning the values of EnvironmentConfigs with a larger index take + + The list of references is used to compute an in-memory environment + at + + compose time. The data of all object is merged in the order + they are + + listed, meaning the values of EnvironmentConfigs with a larger + index take + priority over ones with smaller indices. + The computed environment can be accessed in a composition using - `FromEnvironmentFieldPath` and `CombineFromEnvironment` patches. + + `FromEnvironmentFieldPath` and `CombineFromEnvironment` patches.' items: description: EnvironmentSource selects a EnvironmentConfig resource. properties: ref: - description: |- - Ref is a named reference to a single EnvironmentConfig. - Either Ref or Selector is required. + description: 'Ref is a named reference to a single EnvironmentConfig. + + Either Ref or Selector is required.' properties: name: description: The name of the object. @@ -697,20 +979,31 @@ spec: description: MatchLabels ensures an object with matching labels is selected. items: - description: |- - An EnvironmentSourceSelectorLabelMatcher acts like a k8s label selector but - can draw the label value from a different path. + description: 'An EnvironmentSourceSelectorLabelMatcher + acts like a k8s label selector but + + can draw the label value from a different path.' properties: fromFieldPathPolicy: default: Required - description: |- - FromFieldPathPolicy specifies the policy for the valueFromFieldPath. - The default is Required, meaning that an error will be returned if the + description: 'FromFieldPathPolicy specifies the + policy for the valueFromFieldPath. + + The default is Required, meaning that an error + will be returned if the + field is not found in the composite resource. - Optional means that if the field is not found in the composite resource, - that label pair will just be skipped. N.B. other specified label - matchers will still be used to retrieve the desired - environment config, if any. + + Optional means that if the field is not found + in the composite resource, + + that label pair will just be skipped. N.B. other + specified label + + matchers will still be used to retrieve the + desired + + environment config, if any.' enum: - Optional - Required @@ -765,9 +1058,10 @@ spec: type: object type: default: Reference - description: |- - Type specifies the way the EnvironmentConfig is selected. - Default is `Reference` + description: 'Type specifies the way the EnvironmentConfig + is selected. + + Default is `Reference`' enum: - Reference - Selector @@ -775,51 +1069,62 @@ spec: type: object type: array patches: - description: |- - Patches is a list of environment patches that are executed before a - composition's resources are composed. + description: 'Patches is a list of environment patches that are + executed before a + + composition''s resources are composed.' items: description: EnvironmentPatch is a patch for a Composition environment. properties: combine: - description: |- - Combine is the patch configuration for a CombineFromComposite or - CombineToComposite patch. + description: 'Combine is the patch configuration for a CombineFromComposite + or + + CombineToComposite patch.' properties: strategy: - description: |- - Strategy defines the strategy to use to combine the input variable values. - Currently only string is supported. + description: 'Strategy defines the strategy to use to + combine the input variable values. + + Currently only string is supported.' enum: - string type: string string: - description: |- - String declares that input variables should be combined into a single - string, using the relevant settings for formatting purposes. + description: 'String declares that input variables should + be combined into a single + + string, using the relevant settings for formatting + purposes.' properties: fmt: - description: |- - Format the input using a Go format string. See - https://golang.org/pkg/fmt/ for details. + description: 'Format the input using a Go format + string. See + + https://golang.org/pkg/fmt/ for details.' type: string required: - fmt type: object variables: - description: |- - Variables are the list of variables whose values will be retrieved and - combined. + description: 'Variables are the list of variables whose + values will be retrieved and + + combined.' items: - description: |- - A CombineVariable defines the source of a value that is combined with - others to form and patch an output value. Currently, this only supports - retrieving values from a field path. + description: 'A CombineVariable defines the source + of a value that is combined with + + others to form and patch an output value. Currently, + this only supports + + retrieving values from a field path.' properties: fromFieldPath: - description: |- - FromFieldPath is the path of the field on the source whose value is - to be used as input. + description: 'FromFieldPath is the path of the + field on the source whose value is + + to be used as input.' type: string required: - fromFieldPath @@ -831,21 +1136,29 @@ spec: - variables type: object fromFieldPath: - description: |- - FromFieldPath is the path of the field on the resource whose value is - to be used as input. Required when type is FromCompositeFieldPath or - ToCompositeFieldPath. + description: 'FromFieldPath is the path of the field on + the resource whose value is + + to be used as input. Required when type is FromCompositeFieldPath + or + + ToCompositeFieldPath.' type: string policy: description: Policy configures the specifics of patching behaviour. properties: fromFieldPath: - description: |- - FromFieldPath specifies how to patch from a field path. The default is - 'Optional', which means the patch will be a no-op if the specified - fromFieldPath does not exist. Use 'Required' if the patch should fail if - the specified path does not exist. + description: 'FromFieldPath specifies how to patch from + a field path. The default is + + ''Optional'', which means the patch will be a no-op + if the specified + + fromFieldPath does not exist. Use ''Required'' if + the patch should fail if + + the specified path does not exist.' enum: - Optional - Required @@ -865,36 +1178,47 @@ spec: type: object type: object toFieldPath: - description: |- - ToFieldPath is the path of the field on the resource whose value will - be changed with the result of transforms. Leave empty if you'd like to - propagate to the same path as fromFieldPath. + description: 'ToFieldPath is the path of the field on the + resource whose value will + + be changed with the result of transforms. Leave empty + if you''d like to + + propagate to the same path as fromFieldPath.' type: string transforms: - description: |- - Transforms are the list of functions that are used as a FIFO pipe for the - input to be transformed. + description: 'Transforms are the list of functions that + are used as a FIFO pipe for the + + input to be transformed.' items: - description: |- - Transform is a unit of process whose input is transformed into an output with - the supplied configuration. + description: 'Transform is a unit of process whose input + is transformed into an output with + + the supplied configuration.' properties: convert: description: Convert is used to cast the input into the given output type. properties: format: - description: |- - The expected input format. + description: 'The expected input format. + * `quantity` - parses the input as a K8s [`resource.Quantity`](https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity). + Only used during `string -> float64` conversions. + * `json` - parses the input as a JSON string. - Only used during `string -> object` or `string -> list` conversions. + + Only used during `string -> object` or `string + -> list` conversions. - If this property is null, the default conversion is applied. + + If this property is null, the default conversion + is applied.' enum: - none - quantity @@ -934,29 +1258,36 @@ spec: - Input type: string fallbackValue: - description: |- - The fallback value that should be returned by the transform if now pattern - matches. + description: 'The fallback value that should be + returned by the transform if now pattern + + matches.' x-kubernetes-preserve-unknown-fields: true patterns: - description: |- - The patterns that should be tested against the input string. - Patterns are tested in order. The value of the first match is used as - result of this transform. + description: 'The patterns that should be tested + against the input string. + + Patterns are tested in order. The value of the + first match is used as + + result of this transform.' items: - description: |- - MatchTransformPattern is a transform that returns the value that matches a - pattern. + description: 'MatchTransformPattern is a transform + that returns the value that matches a + + pattern.' properties: literal: - description: |- - Literal exactly matches the input string (case sensitive). - Is required if `type` is `literal`. + description: 'Literal exactly matches the + input string (case sensitive). + + Is required if `type` is `literal`.' type: string regexp: - description: |- - Regexp to match against the input string. - Is required if `type` is `regexp`. + description: 'Regexp to match against the + input string. + + Is required if `type` is `regexp`.' type: string result: description: The value that is used as result @@ -964,17 +1295,25 @@ spec: x-kubernetes-preserve-unknown-fields: true type: default: literal - description: |- - Type specifies how the pattern matches the input. + description: 'Type specifies how the pattern + matches the input. + - * `literal` - the pattern value has to exactly match (case sensitive) the + * `literal` - the pattern value has to + exactly match (case sensitive) the + input string. This is the default. - * `regexp` - the pattern treated as a regular expression against - which the input string is tested. Crossplane will throw an error if the - key is not a valid regexp. + + * `regexp` - the pattern treated as a + regular expression against + + which the input string is tested. Crossplane + will throw an error if the + + key is not a valid regexp.' enum: - literal - regexp @@ -986,9 +1325,10 @@ spec: type: array type: object math: - description: |- - Math is used to transform the input via mathematical operations such as - multiplication. + description: 'Math is used to transform the input + via mathematical operations such as + + multiplication.' properties: clampMax: description: ClampMax makes sure that the value @@ -1015,19 +1355,32 @@ spec: type: string type: object string: - description: |- - String is used to transform the input into a string or a different kind - of string. Note that the input does not necessarily need to be a string. + description: 'String is used to transform the input + into a string or a different kind + + of string. Note that the input does not necessarily + need to be a string.' properties: convert: - description: |- - Optional conversion method to be specified. - `ToUpper` and `ToLower` change the letter case of the input string. - `ToBase64` and `FromBase64` perform a base64 conversion based on the input string. - `ToJson` converts any input value into its raw JSON representation. - `ToSha1`, `ToSha256` and `ToSha512` generate a hash value based on the input + description: 'Optional conversion method to be + specified. + + `ToUpper` and `ToLower` change the letter case + of the input string. + + `ToBase64` and `FromBase64` perform a base64 + conversion based on the input string. + + `ToJson` converts any input value into its raw + JSON representation. + + `ToSha1`, `ToSha256` and `ToSha512` generate + a hash value based on the input + converted to JSON. - `ToAdler32` generate a addler32 hash based on the input string. + + `ToAdler32` generate a addler32 hash based on + the input string.' enum: - ToUpper - ToLower @@ -1040,18 +1393,20 @@ spec: - ToAdler32 type: string fmt: - description: |- - Format the input using a Go format string. See - https://golang.org/pkg/fmt/ for details. + description: 'Format the input using a Go format + string. See + + https://golang.org/pkg/fmt/ for details.' type: string join: description: Join defines parameters to join a slice of values to a string. properties: separator: - description: |- - Separator defines the character that should separate the values from each - other in the joined string. + description: 'Separator defines the character + that should separate the values from each + + other in the joined string.' type: string required: - separator @@ -1065,9 +1420,10 @@ spec: default) matches the entire expression. type: integer match: - description: |- - Match string. May optionally include submatches, aka capture groups. - See https://pkg.go.dev/regexp/ for details. + description: 'Match string. May optionally + include submatches, aka capture groups. + + See https://pkg.go.dev/regexp/ for details.' type: string required: - match @@ -1104,9 +1460,10 @@ spec: type: array type: default: FromCompositeFieldPath - description: |- - Type sets the patching behaviour to be used. Each patch type may require - its own fields to be set on the Patch object. + description: 'Type sets the patching behaviour to be used. + Each patch type may require + + its own fields to be set on the Patch object.' enum: - FromCompositeFieldPath - ToCompositeFieldPath @@ -1116,27 +1473,38 @@ spec: type: object type: array policy: - description: |- - Policy represents the Resolve and Resolution policies which apply to - all EnvironmentSourceReferences in EnvironmentConfigs list. + description: 'Policy represents the Resolve and Resolution policies + which apply to + + all EnvironmentSourceReferences in EnvironmentConfigs list.' properties: resolution: default: Required - description: |- - Resolution specifies whether resolution of this reference is required. - The default is 'Required', which means the reconcile will fail if the - reference cannot be resolved. 'Optional' means this reference will be - a no-op if it cannot be resolved. + description: 'Resolution specifies whether resolution of this + reference is required. + + The default is ''Required'', which means the reconcile will + fail if the + + reference cannot be resolved. ''Optional'' means this reference + will be + + a no-op if it cannot be resolved.' enum: - Required - Optional type: string resolve: - description: |- - Resolve specifies when this reference should be resolved. The default - is 'IfNotPresent', which will attempt to resolve the reference only when - the corresponding field is not present. Use 'Always' to resolve the - reference on every reconcile. + description: 'Resolve specifies when this reference should + be resolved. The default + + is ''IfNotPresent'', which will attempt to resolve the reference + only when + + the corresponding field is not present. Use ''Always'' to + resolve the + + reference on every reconcile.' enum: - Always - IfNotPresent @@ -1145,38 +1513,65 @@ spec: type: object mode: default: Resources - description: |- - Mode controls what type or "mode" of Composition will be used. + description: 'Mode controls what type or "mode" of Composition will + be used. - "Resources" (the default) indicates that a Composition uses what is - commonly referred to as "Patch & Transform" or P&T composition. This mode - of Composition uses an array of resources, each a template for a composed - resource. + "Pipeline" indicates that a Composition specifies a pipeline of + + Composition Functions, each of which is responsible for producing + + composed resources that Crossplane should create or update. + + + + "Resources" indicates that a Composition uses what is commonly referred + + to as "Patch & Transform" or P&T composition. This mode of Composition + + uses an array of resources, each a template for a composed resource. - "Pipeline" indicates that a Composition specifies a pipeline - of Composition Functions, each of which is responsible for producing - composed resources that Crossplane should create or update. THE PIPELINE - MODE IS A BETA FEATURE. It is not honored if the relevant Crossplane - feature flag is disabled. + + + All Compositions should use Pipeline mode. Resources mode is deprecated. + + Resources mode won''t be removed in Crossplane 1.x, and will remain + the + + default to avoid breaking legacy Compositions. However, it''s no + longer + + accepting new features, and only accepting security related bug + fixes.' enum: - Resources - Pipeline type: string patchSets: - description: |- - PatchSets define a named set of patches that may be included by any - resource in this Composition. PatchSets cannot themselves refer to other + description: 'PatchSets define a named set of patches that may be + included by any + + resource in this Composition. PatchSets cannot themselves refer + to other + PatchSets. - PatchSets are only used by the "Resources" mode of Composition. They + + PatchSets are only used by the "Resources" mode of Composition. + They + are ignored by other modes. + + + + Deprecated: Use Composition Functions instead.' items: - description: |- - A PatchSet is a set of patches that can be reused from all resources within - a Composition. + description: 'A PatchSet is a set of patches that can be reused + from all resources within + + a Composition.' properties: name: description: Name of this PatchSet. @@ -1185,51 +1580,66 @@ spec: description: Patches will be applied as an overlay to the base resource. items: - description: |- - Patch objects are applied between composite and composed resources. Their + description: 'Patch objects are applied between composite + and composed resources. Their + behaviour depends on the Type selected. The default Type, - FromCompositeFieldPath, copies a value from the composite resource to - the composed resource, applying any defined transformers. + + FromCompositeFieldPath, copies a value from the composite + resource to + + the composed resource, applying any defined transformers.' properties: combine: - description: |- - Combine is the patch configuration for a CombineFromComposite, - CombineFromEnvironment, CombineToComposite or CombineToEnvironment patch. + description: 'Combine is the patch configuration for a + CombineFromComposite, + + CombineFromEnvironment, CombineToComposite or CombineToEnvironment + patch.' properties: strategy: - description: |- - Strategy defines the strategy to use to combine the input variable values. - Currently only string is supported. + description: 'Strategy defines the strategy to use + to combine the input variable values. + + Currently only string is supported.' enum: - string type: string string: - description: |- - String declares that input variables should be combined into a single - string, using the relevant settings for formatting purposes. + description: 'String declares that input variables + should be combined into a single + + string, using the relevant settings for formatting + purposes.' properties: fmt: - description: |- - Format the input using a Go format string. See - https://golang.org/pkg/fmt/ for details. + description: 'Format the input using a Go format + string. See + + https://golang.org/pkg/fmt/ for details.' type: string required: - fmt type: object variables: - description: |- - Variables are the list of variables whose values will be retrieved and - combined. + description: 'Variables are the list of variables + whose values will be retrieved and + + combined.' items: - description: |- - A CombineVariable defines the source of a value that is combined with - others to form and patch an output value. Currently, this only supports - retrieving values from a field path. + description: 'A CombineVariable defines the source + of a value that is combined with + + others to form and patch an output value. Currently, + this only supports + + retrieving values from a field path.' properties: fromFieldPath: - description: |- - FromFieldPath is the path of the field on the source whose value is - to be used as input. + description: 'FromFieldPath is the path of the + field on the source whose value is + + to be used as input.' type: string required: - fromFieldPath @@ -1241,10 +1651,12 @@ spec: - variables type: object fromFieldPath: - description: |- - FromFieldPath is the path of the field on the resource whose value is + description: 'FromFieldPath is the path of the field on + the resource whose value is + to be used as input. Required when type is FromCompositeFieldPath, - FromEnvironmentFieldPath, ToCompositeFieldPath, ToEnvironmentFieldPath. + + FromEnvironmentFieldPath, ToCompositeFieldPath, ToEnvironmentFieldPath.' type: string patchSetName: description: PatchSetName to include patches from. Required @@ -1255,11 +1667,16 @@ spec: behaviour. properties: fromFieldPath: - description: |- - FromFieldPath specifies how to patch from a field path. The default is - 'Optional', which means the patch will be a no-op if the specified - fromFieldPath does not exist. Use 'Required' if the patch should fail if - the specified path does not exist. + description: 'FromFieldPath specifies how to patch + from a field path. The default is + + ''Optional'', which means the patch will be a no-op + if the specified + + fromFieldPath does not exist. Use ''Required'' if + the patch should fail if + + the specified path does not exist.' enum: - Optional - Required @@ -1279,36 +1696,47 @@ spec: type: object type: object toFieldPath: - description: |- - ToFieldPath is the path of the field on the resource whose value will - be changed with the result of transforms. Leave empty if you'd like to - propagate to the same path as fromFieldPath. + description: 'ToFieldPath is the path of the field on + the resource whose value will + + be changed with the result of transforms. Leave empty + if you''d like to + + propagate to the same path as fromFieldPath.' type: string transforms: - description: |- - Transforms are the list of functions that are used as a FIFO pipe for the - input to be transformed. + description: 'Transforms are the list of functions that + are used as a FIFO pipe for the + + input to be transformed.' items: - description: |- - Transform is a unit of process whose input is transformed into an output with - the supplied configuration. + description: 'Transform is a unit of process whose input + is transformed into an output with + + the supplied configuration.' properties: convert: description: Convert is used to cast the input into the given output type. properties: format: - description: |- - The expected input format. + description: 'The expected input format. + * `quantity` - parses the input as a K8s [`resource.Quantity`](https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity). + Only used during `string -> float64` conversions. + * `json` - parses the input as a JSON string. - Only used during `string -> object` or `string -> list` conversions. + Only used during `string -> object` or `string + -> list` conversions. - If this property is null, the default conversion is applied. + + + If this property is null, the default conversion + is applied.' enum: - none - quantity @@ -1348,29 +1776,36 @@ spec: - Input type: string fallbackValue: - description: |- - The fallback value that should be returned by the transform if now pattern - matches. + description: 'The fallback value that should + be returned by the transform if now pattern + + matches.' x-kubernetes-preserve-unknown-fields: true patterns: - description: |- - The patterns that should be tested against the input string. - Patterns are tested in order. The value of the first match is used as - result of this transform. + description: 'The patterns that should be tested + against the input string. + + Patterns are tested in order. The value of + the first match is used as + + result of this transform.' items: - description: |- - MatchTransformPattern is a transform that returns the value that matches a - pattern. + description: 'MatchTransformPattern is a transform + that returns the value that matches a + + pattern.' properties: literal: - description: |- - Literal exactly matches the input string (case sensitive). - Is required if `type` is `literal`. + description: 'Literal exactly matches + the input string (case sensitive). + + Is required if `type` is `literal`.' type: string regexp: - description: |- - Regexp to match against the input string. - Is required if `type` is `regexp`. + description: 'Regexp to match against + the input string. + + Is required if `type` is `regexp`.' type: string result: description: The value that is used as @@ -1379,17 +1814,25 @@ spec: x-kubernetes-preserve-unknown-fields: true type: default: literal - description: |- - Type specifies how the pattern matches the input. + description: 'Type specifies how the pattern + matches the input. - * `literal` - the pattern value has to exactly match (case sensitive) the + + * `literal` - the pattern value has + to exactly match (case sensitive) the + input string. This is the default. - * `regexp` - the pattern treated as a regular expression against - which the input string is tested. Crossplane will throw an error if the - key is not a valid regexp. + + * `regexp` - the pattern treated as + a regular expression against + + which the input string is tested. Crossplane + will throw an error if the + + key is not a valid regexp.' enum: - literal - regexp @@ -1401,9 +1844,10 @@ spec: type: array type: object math: - description: |- - Math is used to transform the input via mathematical operations such as - multiplication. + description: 'Math is used to transform the input + via mathematical operations such as + + multiplication.' properties: clampMax: description: ClampMax makes sure that the value @@ -1430,19 +1874,32 @@ spec: type: string type: object string: - description: |- - String is used to transform the input into a string or a different kind - of string. Note that the input does not necessarily need to be a string. + description: 'String is used to transform the input + into a string or a different kind + + of string. Note that the input does not necessarily + need to be a string.' properties: convert: - description: |- - Optional conversion method to be specified. - `ToUpper` and `ToLower` change the letter case of the input string. - `ToBase64` and `FromBase64` perform a base64 conversion based on the input string. - `ToJson` converts any input value into its raw JSON representation. - `ToSha1`, `ToSha256` and `ToSha512` generate a hash value based on the input + description: 'Optional conversion method to + be specified. + + `ToUpper` and `ToLower` change the letter + case of the input string. + + `ToBase64` and `FromBase64` perform a base64 + conversion based on the input string. + + `ToJson` converts any input value into its + raw JSON representation. + + `ToSha1`, `ToSha256` and `ToSha512` generate + a hash value based on the input + converted to JSON. - `ToAdler32` generate a addler32 hash based on the input string. + + `ToAdler32` generate a addler32 hash based + on the input string.' enum: - ToUpper - ToLower @@ -1455,18 +1912,20 @@ spec: - ToAdler32 type: string fmt: - description: |- - Format the input using a Go format string. See - https://golang.org/pkg/fmt/ for details. + description: 'Format the input using a Go format + string. See + + https://golang.org/pkg/fmt/ for details.' type: string join: description: Join defines parameters to join a slice of values to a string. properties: separator: - description: |- - Separator defines the character that should separate the values from each - other in the joined string. + description: 'Separator defines the character + that should separate the values from each + + other in the joined string.' type: string required: - separator @@ -1480,9 +1939,10 @@ spec: default) matches the entire expression. type: integer match: - description: |- - Match string. May optionally include submatches, aka capture groups. - See https://pkg.go.dev/regexp/ for details. + description: 'Match string. May optionally + include submatches, aka capture groups. + + See https://pkg.go.dev/regexp/ for details.' type: string required: - match @@ -1519,9 +1979,10 @@ spec: type: array type: default: FromCompositeFieldPath - description: |- - Type sets the patching behaviour to be used. Each patch type may require - its own fields to be set on the Patch object. + description: 'Type sets the patching behaviour to be used. + Each patch type may require + + its own fields to be set on the Patch object.' enum: - FromCompositeFieldPath - FromEnvironmentFieldPath @@ -1541,18 +2002,20 @@ spec: type: object type: array pipeline: - description: |- - Pipeline is a list of composition function steps that will be used when a - composite resource referring to this composition is created. One of + description: 'Pipeline is a list of composition function steps that + will be used when a + + composite resource referring to this composition is created. One + of + resources and pipeline must be specified - you cannot specify both. - The Pipeline is only used by the "Pipeline" mode of Composition. It is - ignored by other modes. + The Pipeline is only used by the "Pipeline" mode of Composition. + It is - THIS IS A BETA FIELD. It is not honored if the relevant Crossplane - feature flag is disabled. + ignored by other modes.' items: description: A PipelineStep in a Composition Function pipeline. properties: @@ -1560,17 +2023,19 @@ spec: description: Credentials are optional credentials that the Composition Function needs. items: - description: |- - FunctionCredentials are optional credentials that a Composition Function - needs to run. + description: 'FunctionCredentials are optional credentials + that a Composition Function + + needs to run.' properties: name: description: Name of this set of credentials. type: string secretRef: - description: |- - A SecretRef is a reference to a secret containing credentials that should - be supplied to the function. + description: 'A SecretRef is a reference to a secret containing + credentials that should + + be supplied to the function.' properties: name: description: Name of the secret. @@ -1597,9 +2062,10 @@ spec: - name x-kubernetes-list-type: map functionRef: - description: |- - FunctionRef is a reference to the Composition Function this step should - execute. + description: 'FunctionRef is a reference to the Composition + Function this step should + + execute.' properties: name: description: Name of the referenced Function. @@ -1608,10 +2074,12 @@ spec: - name type: object input: - description: |- - Input is an optional, arbitrary Kubernetes resource (i.e. a resource + description: 'Input is an optional, arbitrary Kubernetes resource + (i.e. a resource + with an apiVersion and kind) that will be passed to the Composition - Function as the 'input' of its RunFunctionRequest. + + Function as the ''input'' of its RunFunctionRequest.' type: object x-kubernetes-embedded-resource: true x-kubernetes-preserve-unknown-fields: true @@ -1623,18 +2091,27 @@ spec: - step type: object type: array + x-kubernetes-list-map-keys: + - step + x-kubernetes-list-type: map publishConnectionDetailsWithStoreConfigRef: default: name: default - description: |- - PublishConnectionDetailsWithStoreConfig specifies the secret store config + description: 'PublishConnectionDetailsWithStoreConfig specifies the + secret store config + with which the connection details of composite resources dynamically + provisioned using this composition will be published. + THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored - unless the relevant Crossplane feature flag is enabled, and may be - changed or removed without notice. + + unless the relevant Crossplane feature flag is enabled, and may + be + + changed or removed without notice.' properties: name: description: Name of the referenced StoreConfig. @@ -1643,17 +2120,26 @@ spec: - name type: object resources: - description: |- - Resources is a list of resource templates that will be used when a + description: 'Resources is a list of resource templates that will + be used when a + composite resource referring to this composition is created. - Resources are only used by the "Resources" mode of Composition. They are + + Resources are only used by the "Resources" mode of Composition. + They are + ignored by other modes. + + + + Deprecated: Use Composition Functions instead.' items: - description: |- - ComposedTemplate is used to provide information about how the composed resource - should be processed. + description: 'ComposedTemplate is used to provide information about + how the composed resource + + should be processed.' properties: base: description: Base is the target resource that the patches will @@ -1662,112 +2148,158 @@ spec: x-kubernetes-embedded-resource: true x-kubernetes-preserve-unknown-fields: true connectionDetails: - description: |- - ConnectionDetails lists the propagation secret keys from this target - resource to the composition instance connection secret. + description: 'ConnectionDetails lists the propagation secret + keys from this target + + resource to the composition instance connection secret.' items: - description: |- - ConnectionDetail includes the information about the propagation of the connection - information from one secret to another. + description: 'ConnectionDetail includes the information about + the propagation of the connection + + information from one secret to another.' properties: fromConnectionSecretKey: - description: |- - FromConnectionSecretKey is the key that will be used to fetch the value - from the composed resource's connection secret. + description: 'FromConnectionSecretKey is the key that + will be used to fetch the value + + from the composed resource''s connection secret.' type: string fromFieldPath: - description: |- - FromFieldPath is the path of the field on the composed resource whose - value to be used as input. Name must be specified if the type is - FromFieldPath. + description: 'FromFieldPath is the path of the field on + the composed resource whose + + value to be used as input. Name must be specified if + the type is + + FromFieldPath.' type: string name: - description: |- - Name of the connection secret key that will be propagated to the - connection secret of the composition instance. Leave empty if you'd like - to use the same key name. + description: 'Name of the connection secret key that will + be propagated to the + + connection secret of the composition instance. Leave + empty if you''d like + + to use the same key name.' type: string type: - description: |- - Type sets the connection detail fetching behaviour to be used. Each - connection detail type may require its own fields to be set on the - ConnectionDetail object. If the type is omitted Crossplane will attempt - to infer it based on which other fields were specified. If multiple + description: 'Type sets the connection detail fetching + behaviour to be used. Each + + connection detail type may require its own fields to + be set on the + + ConnectionDetail object. If the type is omitted Crossplane + will attempt + + to infer it based on which other fields were specified. + If multiple + fields are specified the order of precedence is: + 1. FromValue + 2. FromConnectionSecretKey - 3. FromFieldPath + + 3. FromFieldPath' enum: - FromConnectionSecretKey - FromFieldPath - FromValue type: string value: - description: |- - Value that will be propagated to the connection secret of the composite - resource. May be set to inject a fixed, non-sensitive connection secret - value, for example a well-known port. + description: 'Value that will be propagated to the connection + secret of the composite + + resource. May be set to inject a fixed, non-sensitive + connection secret + + value, for example a well-known port.' type: string type: object type: array name: - description: |- - A Name uniquely identifies this entry within its Composition's resources - array. Names are optional but *strongly* recommended. When all entries in - the resources array are named entries may added, deleted, and reordered - as long as their names do not change. When entries are not named the - length and order of the resources array should be treated as immutable. - Either all or no entries must be named. + description: 'A Name uniquely identifies this entry within its + Composition''s resources + + array. Names are optional but *strongly* recommended. When + all entries in + + the resources array are named entries may added, deleted, + and reordered + + as long as their names do not change. When entries are not + named the + + length and order of the resources array should be treated + as immutable. + + Either all or no entries must be named.' type: string patches: description: Patches will be applied as overlay to the base resource. items: - description: |- - Patch objects are applied between composite and composed resources. Their + description: 'Patch objects are applied between composite + and composed resources. Their + behaviour depends on the Type selected. The default Type, - FromCompositeFieldPath, copies a value from the composite resource to - the composed resource, applying any defined transformers. + + FromCompositeFieldPath, copies a value from the composite + resource to + + the composed resource, applying any defined transformers.' properties: combine: - description: |- - Combine is the patch configuration for a CombineFromComposite, - CombineFromEnvironment, CombineToComposite or CombineToEnvironment patch. + description: 'Combine is the patch configuration for a + CombineFromComposite, + + CombineFromEnvironment, CombineToComposite or CombineToEnvironment + patch.' properties: strategy: - description: |- - Strategy defines the strategy to use to combine the input variable values. - Currently only string is supported. + description: 'Strategy defines the strategy to use + to combine the input variable values. + + Currently only string is supported.' enum: - string type: string string: - description: |- - String declares that input variables should be combined into a single - string, using the relevant settings for formatting purposes. + description: 'String declares that input variables + should be combined into a single + + string, using the relevant settings for formatting + purposes.' properties: fmt: - description: |- - Format the input using a Go format string. See - https://golang.org/pkg/fmt/ for details. + description: 'Format the input using a Go format + string. See + + https://golang.org/pkg/fmt/ for details.' type: string required: - fmt type: object variables: - description: |- - Variables are the list of variables whose values will be retrieved and - combined. + description: 'Variables are the list of variables + whose values will be retrieved and + + combined.' items: - description: |- - A CombineVariable defines the source of a value that is combined with - others to form and patch an output value. Currently, this only supports - retrieving values from a field path. + description: 'A CombineVariable defines the source + of a value that is combined with + + others to form and patch an output value. Currently, + this only supports + + retrieving values from a field path.' properties: fromFieldPath: - description: |- - FromFieldPath is the path of the field on the source whose value is - to be used as input. + description: 'FromFieldPath is the path of the + field on the source whose value is + + to be used as input.' type: string required: - fromFieldPath @@ -1779,10 +2311,12 @@ spec: - variables type: object fromFieldPath: - description: |- - FromFieldPath is the path of the field on the resource whose value is + description: 'FromFieldPath is the path of the field on + the resource whose value is + to be used as input. Required when type is FromCompositeFieldPath, - FromEnvironmentFieldPath, ToCompositeFieldPath, ToEnvironmentFieldPath. + + FromEnvironmentFieldPath, ToCompositeFieldPath, ToEnvironmentFieldPath.' type: string patchSetName: description: PatchSetName to include patches from. Required @@ -1793,11 +2327,16 @@ spec: behaviour. properties: fromFieldPath: - description: |- - FromFieldPath specifies how to patch from a field path. The default is - 'Optional', which means the patch will be a no-op if the specified - fromFieldPath does not exist. Use 'Required' if the patch should fail if - the specified path does not exist. + description: 'FromFieldPath specifies how to patch + from a field path. The default is + + ''Optional'', which means the patch will be a no-op + if the specified + + fromFieldPath does not exist. Use ''Required'' if + the patch should fail if + + the specified path does not exist.' enum: - Optional - Required @@ -1817,36 +2356,47 @@ spec: type: object type: object toFieldPath: - description: |- - ToFieldPath is the path of the field on the resource whose value will - be changed with the result of transforms. Leave empty if you'd like to - propagate to the same path as fromFieldPath. + description: 'ToFieldPath is the path of the field on + the resource whose value will + + be changed with the result of transforms. Leave empty + if you''d like to + + propagate to the same path as fromFieldPath.' type: string transforms: - description: |- - Transforms are the list of functions that are used as a FIFO pipe for the - input to be transformed. + description: 'Transforms are the list of functions that + are used as a FIFO pipe for the + + input to be transformed.' items: - description: |- - Transform is a unit of process whose input is transformed into an output with - the supplied configuration. + description: 'Transform is a unit of process whose input + is transformed into an output with + + the supplied configuration.' properties: convert: description: Convert is used to cast the input into the given output type. properties: format: - description: |- - The expected input format. + description: 'The expected input format. + * `quantity` - parses the input as a K8s [`resource.Quantity`](https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity). + Only used during `string -> float64` conversions. + * `json` - parses the input as a JSON string. - Only used during `string -> object` or `string -> list` conversions. + Only used during `string -> object` or `string + -> list` conversions. - If this property is null, the default conversion is applied. + + + If this property is null, the default conversion + is applied.' enum: - none - quantity @@ -1886,29 +2436,36 @@ spec: - Input type: string fallbackValue: - description: |- - The fallback value that should be returned by the transform if now pattern - matches. + description: 'The fallback value that should + be returned by the transform if now pattern + + matches.' x-kubernetes-preserve-unknown-fields: true patterns: - description: |- - The patterns that should be tested against the input string. - Patterns are tested in order. The value of the first match is used as - result of this transform. + description: 'The patterns that should be tested + against the input string. + + Patterns are tested in order. The value of + the first match is used as + + result of this transform.' items: - description: |- - MatchTransformPattern is a transform that returns the value that matches a - pattern. + description: 'MatchTransformPattern is a transform + that returns the value that matches a + + pattern.' properties: literal: - description: |- - Literal exactly matches the input string (case sensitive). - Is required if `type` is `literal`. + description: 'Literal exactly matches + the input string (case sensitive). + + Is required if `type` is `literal`.' type: string regexp: - description: |- - Regexp to match against the input string. - Is required if `type` is `regexp`. + description: 'Regexp to match against + the input string. + + Is required if `type` is `regexp`.' type: string result: description: The value that is used as @@ -1917,17 +2474,25 @@ spec: x-kubernetes-preserve-unknown-fields: true type: default: literal - description: |- - Type specifies how the pattern matches the input. + description: 'Type specifies how the pattern + matches the input. - * `literal` - the pattern value has to exactly match (case sensitive) the + + * `literal` - the pattern value has + to exactly match (case sensitive) the + input string. This is the default. - * `regexp` - the pattern treated as a regular expression against - which the input string is tested. Crossplane will throw an error if the - key is not a valid regexp. + + * `regexp` - the pattern treated as + a regular expression against + + which the input string is tested. Crossplane + will throw an error if the + + key is not a valid regexp.' enum: - literal - regexp @@ -1939,9 +2504,10 @@ spec: type: array type: object math: - description: |- - Math is used to transform the input via mathematical operations such as - multiplication. + description: 'Math is used to transform the input + via mathematical operations such as + + multiplication.' properties: clampMax: description: ClampMax makes sure that the value @@ -1968,19 +2534,32 @@ spec: type: string type: object string: - description: |- - String is used to transform the input into a string or a different kind - of string. Note that the input does not necessarily need to be a string. + description: 'String is used to transform the input + into a string or a different kind + + of string. Note that the input does not necessarily + need to be a string.' properties: convert: - description: |- - Optional conversion method to be specified. - `ToUpper` and `ToLower` change the letter case of the input string. - `ToBase64` and `FromBase64` perform a base64 conversion based on the input string. - `ToJson` converts any input value into its raw JSON representation. - `ToSha1`, `ToSha256` and `ToSha512` generate a hash value based on the input + description: 'Optional conversion method to + be specified. + + `ToUpper` and `ToLower` change the letter + case of the input string. + + `ToBase64` and `FromBase64` perform a base64 + conversion based on the input string. + + `ToJson` converts any input value into its + raw JSON representation. + + `ToSha1`, `ToSha256` and `ToSha512` generate + a hash value based on the input + converted to JSON. - `ToAdler32` generate a addler32 hash based on the input string. + + `ToAdler32` generate a addler32 hash based + on the input string.' enum: - ToUpper - ToLower @@ -1993,18 +2572,20 @@ spec: - ToAdler32 type: string fmt: - description: |- - Format the input using a Go format string. See - https://golang.org/pkg/fmt/ for details. + description: 'Format the input using a Go format + string. See + + https://golang.org/pkg/fmt/ for details.' type: string join: description: Join defines parameters to join a slice of values to a string. properties: separator: - description: |- - Separator defines the character that should separate the values from each - other in the joined string. + description: 'Separator defines the character + that should separate the values from each + + other in the joined string.' type: string required: - separator @@ -2018,9 +2599,10 @@ spec: default) matches the entire expression. type: integer match: - description: |- - Match string. May optionally include submatches, aka capture groups. - See https://pkg.go.dev/regexp/ for details. + description: 'Match string. May optionally + include submatches, aka capture groups. + + See https://pkg.go.dev/regexp/ for details.' type: string required: - match @@ -2057,9 +2639,10 @@ spec: type: array type: default: FromCompositeFieldPath - description: |- - Type sets the patching behaviour to be used. Each patch type may require - its own fields to be set on the Patch object. + description: 'Type sets the patching behaviour to be used. + Each patch type may require + + its own fields to be set on the Patch object.' enum: - FromCompositeFieldPath - FromEnvironmentFieldPath @@ -2076,17 +2659,22 @@ spec: readinessChecks: default: - matchCondition: - status: "True" + status: 'True' type: Ready type: MatchCondition - description: |- - ReadinessChecks allows users to define custom readiness checks. All checks - have to return true in order for resource to be considered ready. The - default readiness check is to have the "Ready" condition to be "True". + description: 'ReadinessChecks allows users to define custom + readiness checks. All checks + + have to return true in order for resource to be considered + ready. The + + default readiness check is to have the "Ready" condition to + be "True".' items: - description: |- - ReadinessCheck is used to indicate how to tell whether a resource is ready - for consumption. + description: 'ReadinessCheck is used to indicate how to tell + whether a resource is ready + + for consumption.' properties: fieldPath: description: FieldPath shows the path of the field whose @@ -2097,7 +2685,7 @@ spec: like to match if you're using "MatchCondition" type. properties: status: - default: "True" + default: 'True' description: Status is the status of the condition you'd like to match. type: string @@ -2143,25 +2731,39 @@ spec: description: Revision number. Newer revisions have larger numbers. format: int64 type: integer + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf writeConnectionSecretsToNamespace: - description: |- - WriteConnectionSecretsToNamespace specifies the namespace in which the - connection secrets of composite resource dynamically provisioned using + description: 'WriteConnectionSecretsToNamespace specifies the namespace + in which the + + connection secrets of composite resource dynamically provisioned + using + this composition will be created. - This field is planned to be replaced in a future release in favor of - PublishConnectionDetailsWithStoreConfigRef. Currently, both could be + + This field is planned to be replaced in a future release in favor + of + + PublishConnectionDetailsWithStoreConfigRef. Currently, both could + be + set independently and connection details would be published to both + without affecting each other as long as related fields at MR level - specified. + + specified.' type: string required: - compositeTypeRef - revision type: object status: - description: |- - CompositionRevisionStatus shows the observed state of the composition - revision. + description: 'CompositionRevisionStatus shows the observed state of the + composition + + revision.' properties: conditions: description: Conditions of the resource. @@ -2169,21 +2771,27 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: |- - LastTransitionTime is the last time this condition transitioned from one - status to another. + description: 'LastTransitionTime is the last time this condition + transitioned from one + + status to another.' format: date-time type: string message: - description: |- - A Message containing details about this condition's last transition from - one status to another, if any. + description: 'A Message containing details about this condition''s + last transition from + + one status to another, if any.' type: string observedGeneration: - description: |- - ObservedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. + description: 'ObservedGeneration represents the .metadata.generation + that the condition was set based upon. + + For instance, if .metadata.generation is currently 12, but + the .status.conditions[x].observedGeneration is 9, the condition + is out of date + + with respect to the current state of the instance.' format: int64 type: integer reason: @@ -2195,9 +2803,10 @@ spec: False, or Unknown? type: string type: - description: |- - Type of this condition. At most one of each condition type may apply to - a resource at any point in time. + description: 'Type of this condition. At most one of each condition + type may apply to + + a resource at any point in time.' type: string required: - lastTransitionTime @@ -2231,40 +2840,54 @@ spec: name: v1beta1 schema: openAPIV3Schema: - description: |- - A CompositionRevision represents a revision of a Composition. Crossplane + description: 'A CompositionRevision represents a revision of a Composition. + Crossplane + creates new revisions when there are changes to the Composition. - Crossplane creates and manages CompositionRevisions. Don't directly edit - CompositionRevisions. + + Crossplane creates and manages CompositionRevisions. Don''t directly edit + + CompositionRevisions.' properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and + description: 'APIVersion defines the versioned schema of this representation + of an object. + + Servers should convert recognized schemas to the latest internal value, + and + may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. + description: 'Kind is a string value representing the REST resource this + object represents. + + Servers may infer this from the endpoint the client submits requests + to. + Cannot be updated. + In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: |- - CompositionRevisionSpec specifies the desired state of the composition - revision. + description: 'CompositionRevisionSpec specifies the desired state of the + composition + + revision.' properties: compositeTypeRef: - description: |- - CompositeTypeRef specifies the type of composite resource that this - composition is compatible with. + description: 'CompositeTypeRef specifies the type of composite resource + that this + + composition is compatible with.' properties: apiVersion: description: APIVersion of the type. @@ -2276,46 +2899,67 @@ spec: - apiVersion - kind type: object + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf environment: - description: |- - Environment configures the environment in which resources are rendered. + description: 'Environment configures the environment in which resources + are rendered. + THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored - unless the relevant Crossplane feature flag is enabled, and may be - changed or removed without notice. + + unless the relevant Crossplane feature flag is enabled, and may + be + + changed or removed without notice.' properties: defaultData: additionalProperties: x-kubernetes-preserve-unknown-fields: true - description: |- - DefaultData statically defines the initial state of the environment. + description: 'DefaultData statically defines the initial state + of the environment. + It has the same schema-less structure as the data field in + environment configs. - It is overwritten by the selected environment configs. + + It is overwritten by the selected environment configs.' type: object environmentConfigs: - description: |- - EnvironmentConfigs selects a list of `EnvironmentConfig`s. The resolved + description: 'EnvironmentConfigs selects a list of `EnvironmentConfig`s. + The resolved + resources are stored in the composite resource at + `spec.environmentConfigRefs` and is only updated if it is null. - The list of references is used to compute an in-memory environment at - compose time. The data of all object is merged in the order they are - listed, meaning the values of EnvironmentConfigs with a larger index take + + The list of references is used to compute an in-memory environment + at + + compose time. The data of all object is merged in the order + they are + + listed, meaning the values of EnvironmentConfigs with a larger + index take + priority over ones with smaller indices. + The computed environment can be accessed in a composition using - `FromEnvironmentFieldPath` and `CombineFromEnvironment` patches. + + `FromEnvironmentFieldPath` and `CombineFromEnvironment` patches.' items: description: EnvironmentSource selects a EnvironmentConfig resource. properties: ref: - description: |- - Ref is a named reference to a single EnvironmentConfig. - Either Ref or Selector is required. + description: 'Ref is a named reference to a single EnvironmentConfig. + + Either Ref or Selector is required.' properties: name: description: The name of the object. @@ -2330,20 +2974,31 @@ spec: description: MatchLabels ensures an object with matching labels is selected. items: - description: |- - An EnvironmentSourceSelectorLabelMatcher acts like a k8s label selector but - can draw the label value from a different path. + description: 'An EnvironmentSourceSelectorLabelMatcher + acts like a k8s label selector but + + can draw the label value from a different path.' properties: fromFieldPathPolicy: default: Required - description: |- - FromFieldPathPolicy specifies the policy for the valueFromFieldPath. - The default is Required, meaning that an error will be returned if the + description: 'FromFieldPathPolicy specifies the + policy for the valueFromFieldPath. + + The default is Required, meaning that an error + will be returned if the + field is not found in the composite resource. - Optional means that if the field is not found in the composite resource, - that label pair will just be skipped. N.B. other specified label - matchers will still be used to retrieve the desired - environment config, if any. + + Optional means that if the field is not found + in the composite resource, + + that label pair will just be skipped. N.B. other + specified label + + matchers will still be used to retrieve the + desired + + environment config, if any.' enum: - Optional - Required @@ -2398,9 +3053,10 @@ spec: type: object type: default: Reference - description: |- - Type specifies the way the EnvironmentConfig is selected. - Default is `Reference` + description: 'Type specifies the way the EnvironmentConfig + is selected. + + Default is `Reference`' enum: - Reference - Selector @@ -2408,51 +3064,62 @@ spec: type: object type: array patches: - description: |- - Patches is a list of environment patches that are executed before a - composition's resources are composed. + description: 'Patches is a list of environment patches that are + executed before a + + composition''s resources are composed.' items: description: EnvironmentPatch is a patch for a Composition environment. properties: combine: - description: |- - Combine is the patch configuration for a CombineFromComposite or - CombineToComposite patch. + description: 'Combine is the patch configuration for a CombineFromComposite + or + + CombineToComposite patch.' properties: strategy: - description: |- - Strategy defines the strategy to use to combine the input variable values. - Currently only string is supported. + description: 'Strategy defines the strategy to use to + combine the input variable values. + + Currently only string is supported.' enum: - string type: string string: - description: |- - String declares that input variables should be combined into a single - string, using the relevant settings for formatting purposes. + description: 'String declares that input variables should + be combined into a single + + string, using the relevant settings for formatting + purposes.' properties: fmt: - description: |- - Format the input using a Go format string. See - https://golang.org/pkg/fmt/ for details. + description: 'Format the input using a Go format + string. See + + https://golang.org/pkg/fmt/ for details.' type: string required: - fmt type: object variables: - description: |- - Variables are the list of variables whose values will be retrieved and - combined. + description: 'Variables are the list of variables whose + values will be retrieved and + + combined.' items: - description: |- - A CombineVariable defines the source of a value that is combined with - others to form and patch an output value. Currently, this only supports - retrieving values from a field path. + description: 'A CombineVariable defines the source + of a value that is combined with + + others to form and patch an output value. Currently, + this only supports + + retrieving values from a field path.' properties: fromFieldPath: - description: |- - FromFieldPath is the path of the field on the source whose value is - to be used as input. + description: 'FromFieldPath is the path of the + field on the source whose value is + + to be used as input.' type: string required: - fromFieldPath @@ -2464,21 +3131,29 @@ spec: - variables type: object fromFieldPath: - description: |- - FromFieldPath is the path of the field on the resource whose value is - to be used as input. Required when type is FromCompositeFieldPath or - ToCompositeFieldPath. + description: 'FromFieldPath is the path of the field on + the resource whose value is + + to be used as input. Required when type is FromCompositeFieldPath + or + + ToCompositeFieldPath.' type: string policy: description: Policy configures the specifics of patching behaviour. properties: fromFieldPath: - description: |- - FromFieldPath specifies how to patch from a field path. The default is - 'Optional', which means the patch will be a no-op if the specified - fromFieldPath does not exist. Use 'Required' if the patch should fail if - the specified path does not exist. + description: 'FromFieldPath specifies how to patch from + a field path. The default is + + ''Optional'', which means the patch will be a no-op + if the specified + + fromFieldPath does not exist. Use ''Required'' if + the patch should fail if + + the specified path does not exist.' enum: - Optional - Required @@ -2498,36 +3173,47 @@ spec: type: object type: object toFieldPath: - description: |- - ToFieldPath is the path of the field on the resource whose value will - be changed with the result of transforms. Leave empty if you'd like to - propagate to the same path as fromFieldPath. + description: 'ToFieldPath is the path of the field on the + resource whose value will + + be changed with the result of transforms. Leave empty + if you''d like to + + propagate to the same path as fromFieldPath.' type: string transforms: - description: |- - Transforms are the list of functions that are used as a FIFO pipe for the - input to be transformed. + description: 'Transforms are the list of functions that + are used as a FIFO pipe for the + + input to be transformed.' items: - description: |- - Transform is a unit of process whose input is transformed into an output with - the supplied configuration. + description: 'Transform is a unit of process whose input + is transformed into an output with + + the supplied configuration.' properties: convert: description: Convert is used to cast the input into the given output type. properties: format: - description: |- - The expected input format. + description: 'The expected input format. + * `quantity` - parses the input as a K8s [`resource.Quantity`](https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity). + Only used during `string -> float64` conversions. + * `json` - parses the input as a JSON string. - Only used during `string -> object` or `string -> list` conversions. + + Only used during `string -> object` or `string + -> list` conversions. - If this property is null, the default conversion is applied. + + If this property is null, the default conversion + is applied.' enum: - none - quantity @@ -2567,29 +3253,36 @@ spec: - Input type: string fallbackValue: - description: |- - The fallback value that should be returned by the transform if now pattern - matches. + description: 'The fallback value that should be + returned by the transform if now pattern + + matches.' x-kubernetes-preserve-unknown-fields: true patterns: - description: |- - The patterns that should be tested against the input string. - Patterns are tested in order. The value of the first match is used as - result of this transform. + description: 'The patterns that should be tested + against the input string. + + Patterns are tested in order. The value of the + first match is used as + + result of this transform.' items: - description: |- - MatchTransformPattern is a transform that returns the value that matches a - pattern. + description: 'MatchTransformPattern is a transform + that returns the value that matches a + + pattern.' properties: literal: - description: |- - Literal exactly matches the input string (case sensitive). - Is required if `type` is `literal`. + description: 'Literal exactly matches the + input string (case sensitive). + + Is required if `type` is `literal`.' type: string regexp: - description: |- - Regexp to match against the input string. - Is required if `type` is `regexp`. + description: 'Regexp to match against the + input string. + + Is required if `type` is `regexp`.' type: string result: description: The value that is used as result @@ -2597,17 +3290,25 @@ spec: x-kubernetes-preserve-unknown-fields: true type: default: literal - description: |- - Type specifies how the pattern matches the input. + description: 'Type specifies how the pattern + matches the input. + - * `literal` - the pattern value has to exactly match (case sensitive) the + * `literal` - the pattern value has to + exactly match (case sensitive) the + input string. This is the default. - * `regexp` - the pattern treated as a regular expression against - which the input string is tested. Crossplane will throw an error if the - key is not a valid regexp. + + * `regexp` - the pattern treated as a + regular expression against + + which the input string is tested. Crossplane + will throw an error if the + + key is not a valid regexp.' enum: - literal - regexp @@ -2619,9 +3320,10 @@ spec: type: array type: object math: - description: |- - Math is used to transform the input via mathematical operations such as - multiplication. + description: 'Math is used to transform the input + via mathematical operations such as + + multiplication.' properties: clampMax: description: ClampMax makes sure that the value @@ -2648,19 +3350,32 @@ spec: type: string type: object string: - description: |- - String is used to transform the input into a string or a different kind - of string. Note that the input does not necessarily need to be a string. + description: 'String is used to transform the input + into a string or a different kind + + of string. Note that the input does not necessarily + need to be a string.' properties: convert: - description: |- - Optional conversion method to be specified. - `ToUpper` and `ToLower` change the letter case of the input string. - `ToBase64` and `FromBase64` perform a base64 conversion based on the input string. - `ToJson` converts any input value into its raw JSON representation. - `ToSha1`, `ToSha256` and `ToSha512` generate a hash value based on the input + description: 'Optional conversion method to be + specified. + + `ToUpper` and `ToLower` change the letter case + of the input string. + + `ToBase64` and `FromBase64` perform a base64 + conversion based on the input string. + + `ToJson` converts any input value into its raw + JSON representation. + + `ToSha1`, `ToSha256` and `ToSha512` generate + a hash value based on the input + converted to JSON. - `ToAdler32` generate a addler32 hash based on the input string. + + `ToAdler32` generate a addler32 hash based on + the input string.' enum: - ToUpper - ToLower @@ -2673,18 +3388,20 @@ spec: - ToAdler32 type: string fmt: - description: |- - Format the input using a Go format string. See - https://golang.org/pkg/fmt/ for details. + description: 'Format the input using a Go format + string. See + + https://golang.org/pkg/fmt/ for details.' type: string join: description: Join defines parameters to join a slice of values to a string. properties: separator: - description: |- - Separator defines the character that should separate the values from each - other in the joined string. + description: 'Separator defines the character + that should separate the values from each + + other in the joined string.' type: string required: - separator @@ -2698,9 +3415,10 @@ spec: default) matches the entire expression. type: integer match: - description: |- - Match string. May optionally include submatches, aka capture groups. - See https://pkg.go.dev/regexp/ for details. + description: 'Match string. May optionally + include submatches, aka capture groups. + + See https://pkg.go.dev/regexp/ for details.' type: string required: - match @@ -2737,9 +3455,10 @@ spec: type: array type: default: FromCompositeFieldPath - description: |- - Type sets the patching behaviour to be used. Each patch type may require - its own fields to be set on the Patch object. + description: 'Type sets the patching behaviour to be used. + Each patch type may require + + its own fields to be set on the Patch object.' enum: - FromCompositeFieldPath - ToCompositeFieldPath @@ -2749,27 +3468,38 @@ spec: type: object type: array policy: - description: |- - Policy represents the Resolve and Resolution policies which apply to - all EnvironmentSourceReferences in EnvironmentConfigs list. + description: 'Policy represents the Resolve and Resolution policies + which apply to + + all EnvironmentSourceReferences in EnvironmentConfigs list.' properties: resolution: default: Required - description: |- - Resolution specifies whether resolution of this reference is required. - The default is 'Required', which means the reconcile will fail if the - reference cannot be resolved. 'Optional' means this reference will be - a no-op if it cannot be resolved. + description: 'Resolution specifies whether resolution of this + reference is required. + + The default is ''Required'', which means the reconcile will + fail if the + + reference cannot be resolved. ''Optional'' means this reference + will be + + a no-op if it cannot be resolved.' enum: - Required - Optional type: string resolve: - description: |- - Resolve specifies when this reference should be resolved. The default - is 'IfNotPresent', which will attempt to resolve the reference only when - the corresponding field is not present. Use 'Always' to resolve the - reference on every reconcile. + description: 'Resolve specifies when this reference should + be resolved. The default + + is ''IfNotPresent'', which will attempt to resolve the reference + only when + + the corresponding field is not present. Use ''Always'' to + resolve the + + reference on every reconcile.' enum: - Always - IfNotPresent @@ -2778,91 +3508,133 @@ spec: type: object mode: default: Resources - description: |- - Mode controls what type or "mode" of Composition will be used. + description: 'Mode controls what type or "mode" of Composition will + be used. - "Resources" (the default) indicates that a Composition uses what is - commonly referred to as "Patch & Transform" or P&T composition. This mode - of Composition uses an array of resources, each a template for a composed - resource. + "Pipeline" indicates that a Composition specifies a pipeline of - "Pipeline" indicates that a Composition specifies a pipeline - of Composition Functions, each of which is responsible for producing - composed resources that Crossplane should create or update. THE PIPELINE - MODE IS A BETA FEATURE. It is not honored if the relevant Crossplane - feature flag is disabled. - enum: - - Resources - - Pipeline - type: string - patchSets: - description: |- - PatchSets define a named set of patches that may be included by any - resource in this Composition. PatchSets cannot themselves refer to other - PatchSets. + Composition Functions, each of which is responsible for producing + composed resources that Crossplane should create or update. - PatchSets are only used by the "Resources" mode of Composition. They - are ignored by other modes. - items: - description: |- - A PatchSet is a set of patches that can be reused from all resources within - a Composition. - properties: - name: - description: Name of this PatchSet. + + + "Resources" indicates that a Composition uses what is commonly referred + + to as "Patch & Transform" or P&T composition. This mode of Composition + + uses an array of resources, each a template for a composed resource. + + + + All Compositions should use Pipeline mode. Resources mode is deprecated. + + Resources mode won''t be removed in Crossplane 1.x, and will remain + the + + default to avoid breaking legacy Compositions. However, it''s no + longer + + accepting new features, and only accepting security related bug + fixes.' + enum: + - Resources + - Pipeline + type: string + patchSets: + description: 'PatchSets define a named set of patches that may be + included by any + + resource in this Composition. PatchSets cannot themselves refer + to other + + PatchSets. + + + + PatchSets are only used by the "Resources" mode of Composition. + They + + are ignored by other modes. + + + + Deprecated: Use Composition Functions instead.' + items: + description: 'A PatchSet is a set of patches that can be reused + from all resources within + + a Composition.' + properties: + name: + description: Name of this PatchSet. type: string patches: description: Patches will be applied as an overlay to the base resource. items: - description: |- - Patch objects are applied between composite and composed resources. Their + description: 'Patch objects are applied between composite + and composed resources. Their + behaviour depends on the Type selected. The default Type, - FromCompositeFieldPath, copies a value from the composite resource to - the composed resource, applying any defined transformers. + + FromCompositeFieldPath, copies a value from the composite + resource to + + the composed resource, applying any defined transformers.' properties: combine: - description: |- - Combine is the patch configuration for a CombineFromComposite, - CombineFromEnvironment, CombineToComposite or CombineToEnvironment patch. + description: 'Combine is the patch configuration for a + CombineFromComposite, + + CombineFromEnvironment, CombineToComposite or CombineToEnvironment + patch.' properties: strategy: - description: |- - Strategy defines the strategy to use to combine the input variable values. - Currently only string is supported. + description: 'Strategy defines the strategy to use + to combine the input variable values. + + Currently only string is supported.' enum: - string type: string string: - description: |- - String declares that input variables should be combined into a single - string, using the relevant settings for formatting purposes. + description: 'String declares that input variables + should be combined into a single + + string, using the relevant settings for formatting + purposes.' properties: fmt: - description: |- - Format the input using a Go format string. See - https://golang.org/pkg/fmt/ for details. + description: 'Format the input using a Go format + string. See + + https://golang.org/pkg/fmt/ for details.' type: string required: - fmt type: object variables: - description: |- - Variables are the list of variables whose values will be retrieved and - combined. + description: 'Variables are the list of variables + whose values will be retrieved and + + combined.' items: - description: |- - A CombineVariable defines the source of a value that is combined with - others to form and patch an output value. Currently, this only supports - retrieving values from a field path. + description: 'A CombineVariable defines the source + of a value that is combined with + + others to form and patch an output value. Currently, + this only supports + + retrieving values from a field path.' properties: fromFieldPath: - description: |- - FromFieldPath is the path of the field on the source whose value is - to be used as input. + description: 'FromFieldPath is the path of the + field on the source whose value is + + to be used as input.' type: string required: - fromFieldPath @@ -2874,10 +3646,12 @@ spec: - variables type: object fromFieldPath: - description: |- - FromFieldPath is the path of the field on the resource whose value is + description: 'FromFieldPath is the path of the field on + the resource whose value is + to be used as input. Required when type is FromCompositeFieldPath, - FromEnvironmentFieldPath, ToCompositeFieldPath, ToEnvironmentFieldPath. + + FromEnvironmentFieldPath, ToCompositeFieldPath, ToEnvironmentFieldPath.' type: string patchSetName: description: PatchSetName to include patches from. Required @@ -2888,11 +3662,16 @@ spec: behaviour. properties: fromFieldPath: - description: |- - FromFieldPath specifies how to patch from a field path. The default is - 'Optional', which means the patch will be a no-op if the specified - fromFieldPath does not exist. Use 'Required' if the patch should fail if - the specified path does not exist. + description: 'FromFieldPath specifies how to patch + from a field path. The default is + + ''Optional'', which means the patch will be a no-op + if the specified + + fromFieldPath does not exist. Use ''Required'' if + the patch should fail if + + the specified path does not exist.' enum: - Optional - Required @@ -2912,36 +3691,47 @@ spec: type: object type: object toFieldPath: - description: |- - ToFieldPath is the path of the field on the resource whose value will - be changed with the result of transforms. Leave empty if you'd like to - propagate to the same path as fromFieldPath. + description: 'ToFieldPath is the path of the field on + the resource whose value will + + be changed with the result of transforms. Leave empty + if you''d like to + + propagate to the same path as fromFieldPath.' type: string transforms: - description: |- - Transforms are the list of functions that are used as a FIFO pipe for the - input to be transformed. + description: 'Transforms are the list of functions that + are used as a FIFO pipe for the + + input to be transformed.' items: - description: |- - Transform is a unit of process whose input is transformed into an output with - the supplied configuration. + description: 'Transform is a unit of process whose input + is transformed into an output with + + the supplied configuration.' properties: convert: description: Convert is used to cast the input into the given output type. properties: format: - description: |- - The expected input format. + description: 'The expected input format. + * `quantity` - parses the input as a K8s [`resource.Quantity`](https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity). + Only used during `string -> float64` conversions. + * `json` - parses the input as a JSON string. - Only used during `string -> object` or `string -> list` conversions. + + Only used during `string -> object` or `string + -> list` conversions. + - If this property is null, the default conversion is applied. + If this property is null, the default conversion + is applied.' enum: - none - quantity @@ -2981,29 +3771,36 @@ spec: - Input type: string fallbackValue: - description: |- - The fallback value that should be returned by the transform if now pattern - matches. + description: 'The fallback value that should + be returned by the transform if now pattern + + matches.' x-kubernetes-preserve-unknown-fields: true patterns: - description: |- - The patterns that should be tested against the input string. - Patterns are tested in order. The value of the first match is used as - result of this transform. + description: 'The patterns that should be tested + against the input string. + + Patterns are tested in order. The value of + the first match is used as + + result of this transform.' items: - description: |- - MatchTransformPattern is a transform that returns the value that matches a - pattern. + description: 'MatchTransformPattern is a transform + that returns the value that matches a + + pattern.' properties: literal: - description: |- - Literal exactly matches the input string (case sensitive). - Is required if `type` is `literal`. + description: 'Literal exactly matches + the input string (case sensitive). + + Is required if `type` is `literal`.' type: string regexp: - description: |- - Regexp to match against the input string. - Is required if `type` is `regexp`. + description: 'Regexp to match against + the input string. + + Is required if `type` is `regexp`.' type: string result: description: The value that is used as @@ -3012,17 +3809,25 @@ spec: x-kubernetes-preserve-unknown-fields: true type: default: literal - description: |- - Type specifies how the pattern matches the input. + description: 'Type specifies how the pattern + matches the input. + + + * `literal` - the pattern value has + to exactly match (case sensitive) the - * `literal` - the pattern value has to exactly match (case sensitive) the input string. This is the default. - * `regexp` - the pattern treated as a regular expression against - which the input string is tested. Crossplane will throw an error if the - key is not a valid regexp. + + * `regexp` - the pattern treated as + a regular expression against + + which the input string is tested. Crossplane + will throw an error if the + + key is not a valid regexp.' enum: - literal - regexp @@ -3034,9 +3839,10 @@ spec: type: array type: object math: - description: |- - Math is used to transform the input via mathematical operations such as - multiplication. + description: 'Math is used to transform the input + via mathematical operations such as + + multiplication.' properties: clampMax: description: ClampMax makes sure that the value @@ -3063,19 +3869,32 @@ spec: type: string type: object string: - description: |- - String is used to transform the input into a string or a different kind - of string. Note that the input does not necessarily need to be a string. + description: 'String is used to transform the input + into a string or a different kind + + of string. Note that the input does not necessarily + need to be a string.' properties: convert: - description: |- - Optional conversion method to be specified. - `ToUpper` and `ToLower` change the letter case of the input string. - `ToBase64` and `FromBase64` perform a base64 conversion based on the input string. - `ToJson` converts any input value into its raw JSON representation. - `ToSha1`, `ToSha256` and `ToSha512` generate a hash value based on the input + description: 'Optional conversion method to + be specified. + + `ToUpper` and `ToLower` change the letter + case of the input string. + + `ToBase64` and `FromBase64` perform a base64 + conversion based on the input string. + + `ToJson` converts any input value into its + raw JSON representation. + + `ToSha1`, `ToSha256` and `ToSha512` generate + a hash value based on the input + converted to JSON. - `ToAdler32` generate a addler32 hash based on the input string. + + `ToAdler32` generate a addler32 hash based + on the input string.' enum: - ToUpper - ToLower @@ -3088,18 +3907,20 @@ spec: - ToAdler32 type: string fmt: - description: |- - Format the input using a Go format string. See - https://golang.org/pkg/fmt/ for details. + description: 'Format the input using a Go format + string. See + + https://golang.org/pkg/fmt/ for details.' type: string join: description: Join defines parameters to join a slice of values to a string. properties: separator: - description: |- - Separator defines the character that should separate the values from each - other in the joined string. + description: 'Separator defines the character + that should separate the values from each + + other in the joined string.' type: string required: - separator @@ -3113,9 +3934,10 @@ spec: default) matches the entire expression. type: integer match: - description: |- - Match string. May optionally include submatches, aka capture groups. - See https://pkg.go.dev/regexp/ for details. + description: 'Match string. May optionally + include submatches, aka capture groups. + + See https://pkg.go.dev/regexp/ for details.' type: string required: - match @@ -3152,9 +3974,10 @@ spec: type: array type: default: FromCompositeFieldPath - description: |- - Type sets the patching behaviour to be used. Each patch type may require - its own fields to be set on the Patch object. + description: 'Type sets the patching behaviour to be used. + Each patch type may require + + its own fields to be set on the Patch object.' enum: - FromCompositeFieldPath - FromEnvironmentFieldPath @@ -3174,18 +3997,20 @@ spec: type: object type: array pipeline: - description: |- - Pipeline is a list of composition function steps that will be used when a - composite resource referring to this composition is created. One of + description: 'Pipeline is a list of composition function steps that + will be used when a + + composite resource referring to this composition is created. One + of + resources and pipeline must be specified - you cannot specify both. - The Pipeline is only used by the "Pipeline" mode of Composition. It is - ignored by other modes. + The Pipeline is only used by the "Pipeline" mode of Composition. + It is - THIS IS A BETA FIELD. It is not honored if the relevant Crossplane - feature flag is disabled. + ignored by other modes.' items: description: A PipelineStep in a Composition Function pipeline. properties: @@ -3193,17 +4018,19 @@ spec: description: Credentials are optional credentials that the Composition Function needs. items: - description: |- - FunctionCredentials are optional credentials that a Composition Function - needs to run. + description: 'FunctionCredentials are optional credentials + that a Composition Function + + needs to run.' properties: name: description: Name of this set of credentials. type: string secretRef: - description: |- - A SecretRef is a reference to a secret containing credentials that should - be supplied to the function. + description: 'A SecretRef is a reference to a secret containing + credentials that should + + be supplied to the function.' properties: name: description: Name of the secret. @@ -3230,9 +4057,10 @@ spec: - name x-kubernetes-list-type: map functionRef: - description: |- - FunctionRef is a reference to the Composition Function this step should - execute. + description: 'FunctionRef is a reference to the Composition + Function this step should + + execute.' properties: name: description: Name of the referenced Function. @@ -3241,10 +4069,12 @@ spec: - name type: object input: - description: |- - Input is an optional, arbitrary Kubernetes resource (i.e. a resource + description: 'Input is an optional, arbitrary Kubernetes resource + (i.e. a resource + with an apiVersion and kind) that will be passed to the Composition - Function as the 'input' of its RunFunctionRequest. + + Function as the ''input'' of its RunFunctionRequest.' type: object x-kubernetes-embedded-resource: true x-kubernetes-preserve-unknown-fields: true @@ -3256,18 +4086,27 @@ spec: - step type: object type: array + x-kubernetes-list-map-keys: + - step + x-kubernetes-list-type: map publishConnectionDetailsWithStoreConfigRef: default: name: default - description: |- - PublishConnectionDetailsWithStoreConfig specifies the secret store config + description: 'PublishConnectionDetailsWithStoreConfig specifies the + secret store config + with which the connection details of composite resources dynamically + provisioned using this composition will be published. + THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored - unless the relevant Crossplane feature flag is enabled, and may be - changed or removed without notice. + + unless the relevant Crossplane feature flag is enabled, and may + be + + changed or removed without notice.' properties: name: description: Name of the referenced StoreConfig. @@ -3276,17 +4115,26 @@ spec: - name type: object resources: - description: |- - Resources is a list of resource templates that will be used when a + description: 'Resources is a list of resource templates that will + be used when a + composite resource referring to this composition is created. - Resources are only used by the "Resources" mode of Composition. They are + + Resources are only used by the "Resources" mode of Composition. + They are + ignored by other modes. + + + + Deprecated: Use Composition Functions instead.' items: - description: |- - ComposedTemplate is used to provide information about how the composed resource - should be processed. + description: 'ComposedTemplate is used to provide information about + how the composed resource + + should be processed.' properties: base: description: Base is the target resource that the patches will @@ -3295,112 +4143,158 @@ spec: x-kubernetes-embedded-resource: true x-kubernetes-preserve-unknown-fields: true connectionDetails: - description: |- - ConnectionDetails lists the propagation secret keys from this target - resource to the composition instance connection secret. + description: 'ConnectionDetails lists the propagation secret + keys from this target + + resource to the composition instance connection secret.' items: - description: |- - ConnectionDetail includes the information about the propagation of the connection - information from one secret to another. + description: 'ConnectionDetail includes the information about + the propagation of the connection + + information from one secret to another.' properties: fromConnectionSecretKey: - description: |- - FromConnectionSecretKey is the key that will be used to fetch the value - from the composed resource's connection secret. + description: 'FromConnectionSecretKey is the key that + will be used to fetch the value + + from the composed resource''s connection secret.' type: string fromFieldPath: - description: |- - FromFieldPath is the path of the field on the composed resource whose - value to be used as input. Name must be specified if the type is - FromFieldPath. + description: 'FromFieldPath is the path of the field on + the composed resource whose + + value to be used as input. Name must be specified if + the type is + + FromFieldPath.' type: string name: - description: |- - Name of the connection secret key that will be propagated to the - connection secret of the composition instance. Leave empty if you'd like - to use the same key name. + description: 'Name of the connection secret key that will + be propagated to the + + connection secret of the composition instance. Leave + empty if you''d like + + to use the same key name.' type: string type: - description: |- - Type sets the connection detail fetching behaviour to be used. Each - connection detail type may require its own fields to be set on the - ConnectionDetail object. If the type is omitted Crossplane will attempt - to infer it based on which other fields were specified. If multiple + description: 'Type sets the connection detail fetching + behaviour to be used. Each + + connection detail type may require its own fields to + be set on the + + ConnectionDetail object. If the type is omitted Crossplane + will attempt + + to infer it based on which other fields were specified. + If multiple + fields are specified the order of precedence is: + 1. FromValue + 2. FromConnectionSecretKey - 3. FromFieldPath + + 3. FromFieldPath' enum: - FromConnectionSecretKey - FromFieldPath - FromValue type: string value: - description: |- - Value that will be propagated to the connection secret of the composite - resource. May be set to inject a fixed, non-sensitive connection secret - value, for example a well-known port. + description: 'Value that will be propagated to the connection + secret of the composite + + resource. May be set to inject a fixed, non-sensitive + connection secret + + value, for example a well-known port.' type: string type: object type: array name: - description: |- - A Name uniquely identifies this entry within its Composition's resources - array. Names are optional but *strongly* recommended. When all entries in - the resources array are named entries may added, deleted, and reordered - as long as their names do not change. When entries are not named the - length and order of the resources array should be treated as immutable. - Either all or no entries must be named. + description: 'A Name uniquely identifies this entry within its + Composition''s resources + + array. Names are optional but *strongly* recommended. When + all entries in + + the resources array are named entries may added, deleted, + and reordered + + as long as their names do not change. When entries are not + named the + + length and order of the resources array should be treated + as immutable. + + Either all or no entries must be named.' type: string patches: description: Patches will be applied as overlay to the base resource. items: - description: |- - Patch objects are applied between composite and composed resources. Their + description: 'Patch objects are applied between composite + and composed resources. Their + behaviour depends on the Type selected. The default Type, - FromCompositeFieldPath, copies a value from the composite resource to - the composed resource, applying any defined transformers. + + FromCompositeFieldPath, copies a value from the composite + resource to + + the composed resource, applying any defined transformers.' properties: combine: - description: |- - Combine is the patch configuration for a CombineFromComposite, - CombineFromEnvironment, CombineToComposite or CombineToEnvironment patch. + description: 'Combine is the patch configuration for a + CombineFromComposite, + + CombineFromEnvironment, CombineToComposite or CombineToEnvironment + patch.' properties: strategy: - description: |- - Strategy defines the strategy to use to combine the input variable values. - Currently only string is supported. + description: 'Strategy defines the strategy to use + to combine the input variable values. + + Currently only string is supported.' enum: - string type: string string: - description: |- - String declares that input variables should be combined into a single - string, using the relevant settings for formatting purposes. + description: 'String declares that input variables + should be combined into a single + + string, using the relevant settings for formatting + purposes.' properties: fmt: - description: |- - Format the input using a Go format string. See - https://golang.org/pkg/fmt/ for details. + description: 'Format the input using a Go format + string. See + + https://golang.org/pkg/fmt/ for details.' type: string required: - fmt type: object variables: - description: |- - Variables are the list of variables whose values will be retrieved and - combined. + description: 'Variables are the list of variables + whose values will be retrieved and + + combined.' items: - description: |- - A CombineVariable defines the source of a value that is combined with - others to form and patch an output value. Currently, this only supports - retrieving values from a field path. + description: 'A CombineVariable defines the source + of a value that is combined with + + others to form and patch an output value. Currently, + this only supports + + retrieving values from a field path.' properties: fromFieldPath: - description: |- - FromFieldPath is the path of the field on the source whose value is - to be used as input. + description: 'FromFieldPath is the path of the + field on the source whose value is + + to be used as input.' type: string required: - fromFieldPath @@ -3412,10 +4306,12 @@ spec: - variables type: object fromFieldPath: - description: |- - FromFieldPath is the path of the field on the resource whose value is + description: 'FromFieldPath is the path of the field on + the resource whose value is + to be used as input. Required when type is FromCompositeFieldPath, - FromEnvironmentFieldPath, ToCompositeFieldPath, ToEnvironmentFieldPath. + + FromEnvironmentFieldPath, ToCompositeFieldPath, ToEnvironmentFieldPath.' type: string patchSetName: description: PatchSetName to include patches from. Required @@ -3426,11 +4322,16 @@ spec: behaviour. properties: fromFieldPath: - description: |- - FromFieldPath specifies how to patch from a field path. The default is - 'Optional', which means the patch will be a no-op if the specified - fromFieldPath does not exist. Use 'Required' if the patch should fail if - the specified path does not exist. + description: 'FromFieldPath specifies how to patch + from a field path. The default is + + ''Optional'', which means the patch will be a no-op + if the specified + + fromFieldPath does not exist. Use ''Required'' if + the patch should fail if + + the specified path does not exist.' enum: - Optional - Required @@ -3450,36 +4351,47 @@ spec: type: object type: object toFieldPath: - description: |- - ToFieldPath is the path of the field on the resource whose value will - be changed with the result of transforms. Leave empty if you'd like to - propagate to the same path as fromFieldPath. + description: 'ToFieldPath is the path of the field on + the resource whose value will + + be changed with the result of transforms. Leave empty + if you''d like to + + propagate to the same path as fromFieldPath.' type: string transforms: - description: |- - Transforms are the list of functions that are used as a FIFO pipe for the - input to be transformed. + description: 'Transforms are the list of functions that + are used as a FIFO pipe for the + + input to be transformed.' items: - description: |- - Transform is a unit of process whose input is transformed into an output with - the supplied configuration. + description: 'Transform is a unit of process whose input + is transformed into an output with + + the supplied configuration.' properties: convert: description: Convert is used to cast the input into the given output type. properties: format: - description: |- - The expected input format. + description: 'The expected input format. + * `quantity` - parses the input as a K8s [`resource.Quantity`](https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity). + Only used during `string -> float64` conversions. + * `json` - parses the input as a JSON string. - Only used during `string -> object` or `string -> list` conversions. + + Only used during `string -> object` or `string + -> list` conversions. + - If this property is null, the default conversion is applied. + If this property is null, the default conversion + is applied.' enum: - none - quantity @@ -3519,29 +4431,36 @@ spec: - Input type: string fallbackValue: - description: |- - The fallback value that should be returned by the transform if now pattern - matches. + description: 'The fallback value that should + be returned by the transform if now pattern + + matches.' x-kubernetes-preserve-unknown-fields: true patterns: - description: |- - The patterns that should be tested against the input string. - Patterns are tested in order. The value of the first match is used as - result of this transform. + description: 'The patterns that should be tested + against the input string. + + Patterns are tested in order. The value of + the first match is used as + + result of this transform.' items: - description: |- - MatchTransformPattern is a transform that returns the value that matches a - pattern. + description: 'MatchTransformPattern is a transform + that returns the value that matches a + + pattern.' properties: literal: - description: |- - Literal exactly matches the input string (case sensitive). - Is required if `type` is `literal`. + description: 'Literal exactly matches + the input string (case sensitive). + + Is required if `type` is `literal`.' type: string regexp: - description: |- - Regexp to match against the input string. - Is required if `type` is `regexp`. + description: 'Regexp to match against + the input string. + + Is required if `type` is `regexp`.' type: string result: description: The value that is used as @@ -3550,17 +4469,25 @@ spec: x-kubernetes-preserve-unknown-fields: true type: default: literal - description: |- - Type specifies how the pattern matches the input. + description: 'Type specifies how the pattern + matches the input. + + + * `literal` - the pattern value has + to exactly match (case sensitive) the - * `literal` - the pattern value has to exactly match (case sensitive) the input string. This is the default. - * `regexp` - the pattern treated as a regular expression against - which the input string is tested. Crossplane will throw an error if the - key is not a valid regexp. + + * `regexp` - the pattern treated as + a regular expression against + + which the input string is tested. Crossplane + will throw an error if the + + key is not a valid regexp.' enum: - literal - regexp @@ -3572,9 +4499,10 @@ spec: type: array type: object math: - description: |- - Math is used to transform the input via mathematical operations such as - multiplication. + description: 'Math is used to transform the input + via mathematical operations such as + + multiplication.' properties: clampMax: description: ClampMax makes sure that the value @@ -3601,19 +4529,32 @@ spec: type: string type: object string: - description: |- - String is used to transform the input into a string or a different kind - of string. Note that the input does not necessarily need to be a string. + description: 'String is used to transform the input + into a string or a different kind + + of string. Note that the input does not necessarily + need to be a string.' properties: convert: - description: |- - Optional conversion method to be specified. - `ToUpper` and `ToLower` change the letter case of the input string. - `ToBase64` and `FromBase64` perform a base64 conversion based on the input string. - `ToJson` converts any input value into its raw JSON representation. - `ToSha1`, `ToSha256` and `ToSha512` generate a hash value based on the input + description: 'Optional conversion method to + be specified. + + `ToUpper` and `ToLower` change the letter + case of the input string. + + `ToBase64` and `FromBase64` perform a base64 + conversion based on the input string. + + `ToJson` converts any input value into its + raw JSON representation. + + `ToSha1`, `ToSha256` and `ToSha512` generate + a hash value based on the input + converted to JSON. - `ToAdler32` generate a addler32 hash based on the input string. + + `ToAdler32` generate a addler32 hash based + on the input string.' enum: - ToUpper - ToLower @@ -3626,18 +4567,20 @@ spec: - ToAdler32 type: string fmt: - description: |- - Format the input using a Go format string. See - https://golang.org/pkg/fmt/ for details. + description: 'Format the input using a Go format + string. See + + https://golang.org/pkg/fmt/ for details.' type: string join: description: Join defines parameters to join a slice of values to a string. properties: separator: - description: |- - Separator defines the character that should separate the values from each - other in the joined string. + description: 'Separator defines the character + that should separate the values from each + + other in the joined string.' type: string required: - separator @@ -3651,9 +4594,10 @@ spec: default) matches the entire expression. type: integer match: - description: |- - Match string. May optionally include submatches, aka capture groups. - See https://pkg.go.dev/regexp/ for details. + description: 'Match string. May optionally + include submatches, aka capture groups. + + See https://pkg.go.dev/regexp/ for details.' type: string required: - match @@ -3690,9 +4634,10 @@ spec: type: array type: default: FromCompositeFieldPath - description: |- - Type sets the patching behaviour to be used. Each patch type may require - its own fields to be set on the Patch object. + description: 'Type sets the patching behaviour to be used. + Each patch type may require + + its own fields to be set on the Patch object.' enum: - FromCompositeFieldPath - FromEnvironmentFieldPath @@ -3709,17 +4654,22 @@ spec: readinessChecks: default: - matchCondition: - status: "True" + status: 'True' type: Ready type: MatchCondition - description: |- - ReadinessChecks allows users to define custom readiness checks. All checks - have to return true in order for resource to be considered ready. The - default readiness check is to have the "Ready" condition to be "True". + description: 'ReadinessChecks allows users to define custom + readiness checks. All checks + + have to return true in order for resource to be considered + ready. The + + default readiness check is to have the "Ready" condition to + be "True".' items: - description: |- - ReadinessCheck is used to indicate how to tell whether a resource is ready - for consumption. + description: 'ReadinessCheck is used to indicate how to tell + whether a resource is ready + + for consumption.' properties: fieldPath: description: FieldPath shows the path of the field whose @@ -3730,7 +4680,7 @@ spec: like to match if you're using "MatchCondition" type. properties: status: - default: "True" + default: 'True' description: Status is the status of the condition you'd like to match. type: string @@ -3776,25 +4726,39 @@ spec: description: Revision number. Newer revisions have larger numbers. format: int64 type: integer + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf writeConnectionSecretsToNamespace: - description: |- - WriteConnectionSecretsToNamespace specifies the namespace in which the - connection secrets of composite resource dynamically provisioned using + description: 'WriteConnectionSecretsToNamespace specifies the namespace + in which the + + connection secrets of composite resource dynamically provisioned + using + this composition will be created. - This field is planned to be replaced in a future release in favor of - PublishConnectionDetailsWithStoreConfigRef. Currently, both could be + + This field is planned to be replaced in a future release in favor + of + + PublishConnectionDetailsWithStoreConfigRef. Currently, both could + be + set independently and connection details would be published to both + without affecting each other as long as related fields at MR level - specified. + + specified.' type: string required: - compositeTypeRef - revision type: object status: - description: |- - CompositionRevisionStatus shows the observed state of the composition - revision. + description: 'CompositionRevisionStatus shows the observed state of the + composition + + revision.' properties: conditions: description: Conditions of the resource. @@ -3802,21 +4766,27 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: |- - LastTransitionTime is the last time this condition transitioned from one - status to another. + description: 'LastTransitionTime is the last time this condition + transitioned from one + + status to another.' format: date-time type: string message: - description: |- - A Message containing details about this condition's last transition from - one status to another, if any. + description: 'A Message containing details about this condition''s + last transition from + + one status to another, if any.' type: string observedGeneration: - description: |- - ObservedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. + description: 'ObservedGeneration represents the .metadata.generation + that the condition was set based upon. + + For instance, if .metadata.generation is currently 12, but + the .status.conditions[x].observedGeneration is 9, the condition + is out of date + + with respect to the current state of the instance.' format: int64 type: integer reason: @@ -3828,9 +4798,10 @@ spec: False, or Unknown? type: string type: - description: |- - Type of this condition. At most one of each condition type may apply to - a resource at any point in time. + description: 'Type of this condition. At most one of each condition + type may apply to + + a resource at any point in time.' type: string required: - lastTransitionTime @@ -3848,14 +4819,43 @@ spec: storage: false subresources: status: {} +status: + acceptedNames: + categories: + - crossplane + kind: CompositionRevision + listKind: CompositionRevisionList + plural: compositionrevisions + shortNames: + - comprev + singular: compositionrevision + conditions: + - lastTransitionTime: '2024-09-06T23:41:59Z' + message: no conflicts found + reason: NoConflicts + status: 'True' + type: NamesAccepted + - lastTransitionTime: '2024-09-06T23:42:00Z' + message: the initial names have been accepted + reason: InitialNamesAccepted + status: 'True' + type: Established + storedVersions: + - v1 --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.14.0 + creationTimestamp: '2024-09-06T23:42:00Z' + generation: 1 name: compositions.apiextensions.crossplane.io + resourceVersion: '545' + uid: 7e0bc902-1c9f-4d29-a50a-d15ac89deaee spec: + conversion: + strategy: None group: apiextensions.crossplane.io names: categories: @@ -3881,28 +4881,40 @@ spec: name: v1 schema: openAPIV3Schema: - description: |- - A Composition defines a collection of managed resources or functions that + description: 'A Composition defines a collection of managed resources or functions + that + Crossplane uses to create and manage new composite resources. + Read the Crossplane documentation for - [more information about Compositions](https://docs.crossplane.io/latest/concepts/compositions). + + [more information about Compositions](https://docs.crossplane.io/latest/concepts/compositions).' properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and + description: 'APIVersion defines the versioned schema of this representation + of an object. + + Servers should convert recognized schemas to the latest internal value, + and + may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. + description: 'Kind is a string value representing the REST resource this + object represents. + + Servers may infer this from the endpoint the client submits requests + to. + Cannot be updated. + In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object @@ -3910,9 +4922,10 @@ spec: description: CompositionSpec specifies desired state of a composition. properties: compositeTypeRef: - description: |- - CompositeTypeRef specifies the type of composite resource that this - composition is compatible with. + description: 'CompositeTypeRef specifies the type of composite resource + that this + + composition is compatible with.' properties: apiVersion: description: APIVersion of the type. @@ -3924,46 +4937,67 @@ spec: - apiVersion - kind type: object + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf environment: - description: |- - Environment configures the environment in which resources are rendered. + description: 'Environment configures the environment in which resources + are rendered. + THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored - unless the relevant Crossplane feature flag is enabled, and may be - changed or removed without notice. + + unless the relevant Crossplane feature flag is enabled, and may + be + + changed or removed without notice.' properties: defaultData: additionalProperties: x-kubernetes-preserve-unknown-fields: true - description: |- - DefaultData statically defines the initial state of the environment. + description: 'DefaultData statically defines the initial state + of the environment. + It has the same schema-less structure as the data field in + environment configs. - It is overwritten by the selected environment configs. + + It is overwritten by the selected environment configs.' type: object environmentConfigs: - description: |- - EnvironmentConfigs selects a list of `EnvironmentConfig`s. The resolved + description: 'EnvironmentConfigs selects a list of `EnvironmentConfig`s. + The resolved + resources are stored in the composite resource at + `spec.environmentConfigRefs` and is only updated if it is null. - The list of references is used to compute an in-memory environment at - compose time. The data of all object is merged in the order they are - listed, meaning the values of EnvironmentConfigs with a larger index take + + The list of references is used to compute an in-memory environment + at + + compose time. The data of all object is merged in the order + they are + + listed, meaning the values of EnvironmentConfigs with a larger + index take + priority over ones with smaller indices. + The computed environment can be accessed in a composition using - `FromEnvironmentFieldPath` and `CombineFromEnvironment` patches. + + `FromEnvironmentFieldPath` and `CombineFromEnvironment` patches.' items: description: EnvironmentSource selects a EnvironmentConfig resource. properties: ref: - description: |- - Ref is a named reference to a single EnvironmentConfig. - Either Ref or Selector is required. + description: 'Ref is a named reference to a single EnvironmentConfig. + + Either Ref or Selector is required.' properties: name: description: The name of the object. @@ -3978,20 +5012,31 @@ spec: description: MatchLabels ensures an object with matching labels is selected. items: - description: |- - An EnvironmentSourceSelectorLabelMatcher acts like a k8s label selector but - can draw the label value from a different path. + description: 'An EnvironmentSourceSelectorLabelMatcher + acts like a k8s label selector but + + can draw the label value from a different path.' properties: fromFieldPathPolicy: default: Required - description: |- - FromFieldPathPolicy specifies the policy for the valueFromFieldPath. - The default is Required, meaning that an error will be returned if the + description: 'FromFieldPathPolicy specifies the + policy for the valueFromFieldPath. + + The default is Required, meaning that an error + will be returned if the + field is not found in the composite resource. - Optional means that if the field is not found in the composite resource, - that label pair will just be skipped. N.B. other specified label - matchers will still be used to retrieve the desired - environment config, if any. + + Optional means that if the field is not found + in the composite resource, + + that label pair will just be skipped. N.B. other + specified label + + matchers will still be used to retrieve the + desired + + environment config, if any.' enum: - Optional - Required @@ -4046,9 +5091,10 @@ spec: type: object type: default: Reference - description: |- - Type specifies the way the EnvironmentConfig is selected. - Default is `Reference` + description: 'Type specifies the way the EnvironmentConfig + is selected. + + Default is `Reference`' enum: - Reference - Selector @@ -4056,51 +5102,62 @@ spec: type: object type: array patches: - description: |- - Patches is a list of environment patches that are executed before a - composition's resources are composed. + description: 'Patches is a list of environment patches that are + executed before a + + composition''s resources are composed.' items: description: EnvironmentPatch is a patch for a Composition environment. properties: combine: - description: |- - Combine is the patch configuration for a CombineFromComposite or - CombineToComposite patch. + description: 'Combine is the patch configuration for a CombineFromComposite + or + + CombineToComposite patch.' properties: strategy: - description: |- - Strategy defines the strategy to use to combine the input variable values. - Currently only string is supported. + description: 'Strategy defines the strategy to use to + combine the input variable values. + + Currently only string is supported.' enum: - string type: string string: - description: |- - String declares that input variables should be combined into a single - string, using the relevant settings for formatting purposes. + description: 'String declares that input variables should + be combined into a single + + string, using the relevant settings for formatting + purposes.' properties: fmt: - description: |- - Format the input using a Go format string. See - https://golang.org/pkg/fmt/ for details. + description: 'Format the input using a Go format + string. See + + https://golang.org/pkg/fmt/ for details.' type: string required: - fmt type: object variables: - description: |- - Variables are the list of variables whose values will be retrieved and - combined. + description: 'Variables are the list of variables whose + values will be retrieved and + + combined.' items: - description: |- - A CombineVariable defines the source of a value that is combined with - others to form and patch an output value. Currently, this only supports - retrieving values from a field path. + description: 'A CombineVariable defines the source + of a value that is combined with + + others to form and patch an output value. Currently, + this only supports + + retrieving values from a field path.' properties: fromFieldPath: - description: |- - FromFieldPath is the path of the field on the source whose value is - to be used as input. + description: 'FromFieldPath is the path of the + field on the source whose value is + + to be used as input.' type: string required: - fromFieldPath @@ -4112,21 +5169,29 @@ spec: - variables type: object fromFieldPath: - description: |- - FromFieldPath is the path of the field on the resource whose value is - to be used as input. Required when type is FromCompositeFieldPath or - ToCompositeFieldPath. + description: 'FromFieldPath is the path of the field on + the resource whose value is + + to be used as input. Required when type is FromCompositeFieldPath + or + + ToCompositeFieldPath.' type: string policy: description: Policy configures the specifics of patching behaviour. properties: fromFieldPath: - description: |- - FromFieldPath specifies how to patch from a field path. The default is - 'Optional', which means the patch will be a no-op if the specified - fromFieldPath does not exist. Use 'Required' if the patch should fail if - the specified path does not exist. + description: 'FromFieldPath specifies how to patch from + a field path. The default is + + ''Optional'', which means the patch will be a no-op + if the specified + + fromFieldPath does not exist. Use ''Required'' if + the patch should fail if + + the specified path does not exist.' enum: - Optional - Required @@ -4146,36 +5211,47 @@ spec: type: object type: object toFieldPath: - description: |- - ToFieldPath is the path of the field on the resource whose value will - be changed with the result of transforms. Leave empty if you'd like to - propagate to the same path as fromFieldPath. + description: 'ToFieldPath is the path of the field on the + resource whose value will + + be changed with the result of transforms. Leave empty + if you''d like to + + propagate to the same path as fromFieldPath.' type: string transforms: - description: |- - Transforms are the list of functions that are used as a FIFO pipe for the - input to be transformed. + description: 'Transforms are the list of functions that + are used as a FIFO pipe for the + + input to be transformed.' items: - description: |- - Transform is a unit of process whose input is transformed into an output with - the supplied configuration. + description: 'Transform is a unit of process whose input + is transformed into an output with + + the supplied configuration.' properties: convert: description: Convert is used to cast the input into the given output type. properties: format: - description: |- - The expected input format. + description: 'The expected input format. + * `quantity` - parses the input as a K8s [`resource.Quantity`](https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity). + Only used during `string -> float64` conversions. + * `json` - parses the input as a JSON string. - Only used during `string -> object` or `string -> list` conversions. + Only used during `string -> object` or `string + -> list` conversions. - If this property is null, the default conversion is applied. + + + If this property is null, the default conversion + is applied.' enum: - none - quantity @@ -4215,29 +5291,36 @@ spec: - Input type: string fallbackValue: - description: |- - The fallback value that should be returned by the transform if now pattern - matches. + description: 'The fallback value that should be + returned by the transform if now pattern + + matches.' x-kubernetes-preserve-unknown-fields: true patterns: - description: |- - The patterns that should be tested against the input string. - Patterns are tested in order. The value of the first match is used as - result of this transform. - items: - description: |- - MatchTransformPattern is a transform that returns the value that matches a - pattern. + description: 'The patterns that should be tested + against the input string. + + Patterns are tested in order. The value of the + first match is used as + + result of this transform.' + items: + description: 'MatchTransformPattern is a transform + that returns the value that matches a + + pattern.' properties: literal: - description: |- - Literal exactly matches the input string (case sensitive). - Is required if `type` is `literal`. + description: 'Literal exactly matches the + input string (case sensitive). + + Is required if `type` is `literal`.' type: string regexp: - description: |- - Regexp to match against the input string. - Is required if `type` is `regexp`. + description: 'Regexp to match against the + input string. + + Is required if `type` is `regexp`.' type: string result: description: The value that is used as result @@ -4245,17 +5328,25 @@ spec: x-kubernetes-preserve-unknown-fields: true type: default: literal - description: |- - Type specifies how the pattern matches the input. + description: 'Type specifies how the pattern + matches the input. + + + * `literal` - the pattern value has to + exactly match (case sensitive) the - * `literal` - the pattern value has to exactly match (case sensitive) the input string. This is the default. - * `regexp` - the pattern treated as a regular expression against - which the input string is tested. Crossplane will throw an error if the - key is not a valid regexp. + + * `regexp` - the pattern treated as a + regular expression against + + which the input string is tested. Crossplane + will throw an error if the + + key is not a valid regexp.' enum: - literal - regexp @@ -4267,9 +5358,10 @@ spec: type: array type: object math: - description: |- - Math is used to transform the input via mathematical operations such as - multiplication. + description: 'Math is used to transform the input + via mathematical operations such as + + multiplication.' properties: clampMax: description: ClampMax makes sure that the value @@ -4296,19 +5388,32 @@ spec: type: string type: object string: - description: |- - String is used to transform the input into a string or a different kind - of string. Note that the input does not necessarily need to be a string. + description: 'String is used to transform the input + into a string or a different kind + + of string. Note that the input does not necessarily + need to be a string.' properties: convert: - description: |- - Optional conversion method to be specified. - `ToUpper` and `ToLower` change the letter case of the input string. - `ToBase64` and `FromBase64` perform a base64 conversion based on the input string. - `ToJson` converts any input value into its raw JSON representation. - `ToSha1`, `ToSha256` and `ToSha512` generate a hash value based on the input + description: 'Optional conversion method to be + specified. + + `ToUpper` and `ToLower` change the letter case + of the input string. + + `ToBase64` and `FromBase64` perform a base64 + conversion based on the input string. + + `ToJson` converts any input value into its raw + JSON representation. + + `ToSha1`, `ToSha256` and `ToSha512` generate + a hash value based on the input + converted to JSON. - `ToAdler32` generate a addler32 hash based on the input string. + + `ToAdler32` generate a addler32 hash based on + the input string.' enum: - ToUpper - ToLower @@ -4321,18 +5426,20 @@ spec: - ToAdler32 type: string fmt: - description: |- - Format the input using a Go format string. See - https://golang.org/pkg/fmt/ for details. + description: 'Format the input using a Go format + string. See + + https://golang.org/pkg/fmt/ for details.' type: string join: description: Join defines parameters to join a slice of values to a string. properties: separator: - description: |- - Separator defines the character that should separate the values from each - other in the joined string. + description: 'Separator defines the character + that should separate the values from each + + other in the joined string.' type: string required: - separator @@ -4346,9 +5453,10 @@ spec: default) matches the entire expression. type: integer match: - description: |- - Match string. May optionally include submatches, aka capture groups. - See https://pkg.go.dev/regexp/ for details. + description: 'Match string. May optionally + include submatches, aka capture groups. + + See https://pkg.go.dev/regexp/ for details.' type: string required: - match @@ -4385,9 +5493,10 @@ spec: type: array type: default: FromCompositeFieldPath - description: |- - Type sets the patching behaviour to be used. Each patch type may require - its own fields to be set on the Patch object. + description: 'Type sets the patching behaviour to be used. + Each patch type may require + + its own fields to be set on the Patch object.' enum: - FromCompositeFieldPath - ToCompositeFieldPath @@ -4397,27 +5506,38 @@ spec: type: object type: array policy: - description: |- - Policy represents the Resolve and Resolution policies which apply to - all EnvironmentSourceReferences in EnvironmentConfigs list. + description: 'Policy represents the Resolve and Resolution policies + which apply to + + all EnvironmentSourceReferences in EnvironmentConfigs list.' properties: resolution: default: Required - description: |- - Resolution specifies whether resolution of this reference is required. - The default is 'Required', which means the reconcile will fail if the - reference cannot be resolved. 'Optional' means this reference will be - a no-op if it cannot be resolved. + description: 'Resolution specifies whether resolution of this + reference is required. + + The default is ''Required'', which means the reconcile will + fail if the + + reference cannot be resolved. ''Optional'' means this reference + will be + + a no-op if it cannot be resolved.' enum: - Required - Optional type: string resolve: - description: |- - Resolve specifies when this reference should be resolved. The default - is 'IfNotPresent', which will attempt to resolve the reference only when - the corresponding field is not present. Use 'Always' to resolve the - reference on every reconcile. + description: 'Resolve specifies when this reference should + be resolved. The default + + is ''IfNotPresent'', which will attempt to resolve the reference + only when + + the corresponding field is not present. Use ''Always'' to + resolve the + + reference on every reconcile.' enum: - Always - IfNotPresent @@ -4426,38 +5546,65 @@ spec: type: object mode: default: Resources - description: |- - Mode controls what type or "mode" of Composition will be used. + description: 'Mode controls what type or "mode" of Composition will + be used. - "Resources" (the default) indicates that a Composition uses what is - commonly referred to as "Patch & Transform" or P&T composition. This mode - of Composition uses an array of resources, each a template for a composed - resource. + "Pipeline" indicates that a Composition specifies a pipeline of - "Pipeline" indicates that a Composition specifies a pipeline - of Composition Functions, each of which is responsible for producing - composed resources that Crossplane should create or update. THE PIPELINE - MODE IS A BETA FEATURE. It is not honored if the relevant Crossplane - feature flag is disabled. + Composition Functions, each of which is responsible for producing + + composed resources that Crossplane should create or update. + + + + "Resources" indicates that a Composition uses what is commonly referred + + to as "Patch & Transform" or P&T composition. This mode of Composition + + uses an array of resources, each a template for a composed resource. + + + + All Compositions should use Pipeline mode. Resources mode is deprecated. + + Resources mode won''t be removed in Crossplane 1.x, and will remain + the + + default to avoid breaking legacy Compositions. However, it''s no + longer + + accepting new features, and only accepting security related bug + fixes.' enum: - Resources - Pipeline type: string patchSets: - description: |- - PatchSets define a named set of patches that may be included by any - resource in this Composition. PatchSets cannot themselves refer to other + description: 'PatchSets define a named set of patches that may be + included by any + + resource in this Composition. PatchSets cannot themselves refer + to other + PatchSets. - PatchSets are only used by the "Resources" mode of Composition. They + + PatchSets are only used by the "Resources" mode of Composition. + They + are ignored by other modes. + + + + Deprecated: Use Composition Functions instead.' items: - description: |- - A PatchSet is a set of patches that can be reused from all resources within - a Composition. + description: 'A PatchSet is a set of patches that can be reused + from all resources within + + a Composition.' properties: name: description: Name of this PatchSet. @@ -4466,51 +5613,66 @@ spec: description: Patches will be applied as an overlay to the base resource. items: - description: |- - Patch objects are applied between composite and composed resources. Their + description: 'Patch objects are applied between composite + and composed resources. Their + behaviour depends on the Type selected. The default Type, - FromCompositeFieldPath, copies a value from the composite resource to - the composed resource, applying any defined transformers. + + FromCompositeFieldPath, copies a value from the composite + resource to + + the composed resource, applying any defined transformers.' properties: combine: - description: |- - Combine is the patch configuration for a CombineFromComposite, - CombineFromEnvironment, CombineToComposite or CombineToEnvironment patch. + description: 'Combine is the patch configuration for a + CombineFromComposite, + + CombineFromEnvironment, CombineToComposite or CombineToEnvironment + patch.' properties: strategy: - description: |- - Strategy defines the strategy to use to combine the input variable values. - Currently only string is supported. + description: 'Strategy defines the strategy to use + to combine the input variable values. + + Currently only string is supported.' enum: - string type: string string: - description: |- - String declares that input variables should be combined into a single - string, using the relevant settings for formatting purposes. + description: 'String declares that input variables + should be combined into a single + + string, using the relevant settings for formatting + purposes.' properties: fmt: - description: |- - Format the input using a Go format string. See - https://golang.org/pkg/fmt/ for details. + description: 'Format the input using a Go format + string. See + + https://golang.org/pkg/fmt/ for details.' type: string required: - fmt type: object variables: - description: |- - Variables are the list of variables whose values will be retrieved and - combined. + description: 'Variables are the list of variables + whose values will be retrieved and + + combined.' items: - description: |- - A CombineVariable defines the source of a value that is combined with - others to form and patch an output value. Currently, this only supports - retrieving values from a field path. + description: 'A CombineVariable defines the source + of a value that is combined with + + others to form and patch an output value. Currently, + this only supports + + retrieving values from a field path.' properties: fromFieldPath: - description: |- - FromFieldPath is the path of the field on the source whose value is - to be used as input. + description: 'FromFieldPath is the path of the + field on the source whose value is + + to be used as input.' type: string required: - fromFieldPath @@ -4522,10 +5684,12 @@ spec: - variables type: object fromFieldPath: - description: |- - FromFieldPath is the path of the field on the resource whose value is + description: 'FromFieldPath is the path of the field on + the resource whose value is + to be used as input. Required when type is FromCompositeFieldPath, - FromEnvironmentFieldPath, ToCompositeFieldPath, ToEnvironmentFieldPath. + + FromEnvironmentFieldPath, ToCompositeFieldPath, ToEnvironmentFieldPath.' type: string patchSetName: description: PatchSetName to include patches from. Required @@ -4536,11 +5700,16 @@ spec: behaviour. properties: fromFieldPath: - description: |- - FromFieldPath specifies how to patch from a field path. The default is - 'Optional', which means the patch will be a no-op if the specified - fromFieldPath does not exist. Use 'Required' if the patch should fail if - the specified path does not exist. + description: 'FromFieldPath specifies how to patch + from a field path. The default is + + ''Optional'', which means the patch will be a no-op + if the specified + + fromFieldPath does not exist. Use ''Required'' if + the patch should fail if + + the specified path does not exist.' enum: - Optional - Required @@ -4560,36 +5729,47 @@ spec: type: object type: object toFieldPath: - description: |- - ToFieldPath is the path of the field on the resource whose value will - be changed with the result of transforms. Leave empty if you'd like to - propagate to the same path as fromFieldPath. + description: 'ToFieldPath is the path of the field on + the resource whose value will + + be changed with the result of transforms. Leave empty + if you''d like to + + propagate to the same path as fromFieldPath.' type: string transforms: - description: |- - Transforms are the list of functions that are used as a FIFO pipe for the - input to be transformed. + description: 'Transforms are the list of functions that + are used as a FIFO pipe for the + + input to be transformed.' items: - description: |- - Transform is a unit of process whose input is transformed into an output with - the supplied configuration. + description: 'Transform is a unit of process whose input + is transformed into an output with + + the supplied configuration.' properties: convert: description: Convert is used to cast the input into the given output type. properties: format: - description: |- - The expected input format. + description: 'The expected input format. + * `quantity` - parses the input as a K8s [`resource.Quantity`](https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity). + Only used during `string -> float64` conversions. + * `json` - parses the input as a JSON string. - Only used during `string -> object` or `string -> list` conversions. + + Only used during `string -> object` or `string + -> list` conversions. - If this property is null, the default conversion is applied. + + If this property is null, the default conversion + is applied.' enum: - none - quantity @@ -4629,29 +5809,36 @@ spec: - Input type: string fallbackValue: - description: |- - The fallback value that should be returned by the transform if now pattern - matches. + description: 'The fallback value that should + be returned by the transform if now pattern + + matches.' x-kubernetes-preserve-unknown-fields: true patterns: - description: |- - The patterns that should be tested against the input string. - Patterns are tested in order. The value of the first match is used as - result of this transform. + description: 'The patterns that should be tested + against the input string. + + Patterns are tested in order. The value of + the first match is used as + + result of this transform.' items: - description: |- - MatchTransformPattern is a transform that returns the value that matches a - pattern. + description: 'MatchTransformPattern is a transform + that returns the value that matches a + + pattern.' properties: literal: - description: |- - Literal exactly matches the input string (case sensitive). - Is required if `type` is `literal`. + description: 'Literal exactly matches + the input string (case sensitive). + + Is required if `type` is `literal`.' type: string regexp: - description: |- - Regexp to match against the input string. - Is required if `type` is `regexp`. + description: 'Regexp to match against + the input string. + + Is required if `type` is `regexp`.' type: string result: description: The value that is used as @@ -4660,17 +5847,25 @@ spec: x-kubernetes-preserve-unknown-fields: true type: default: literal - description: |- - Type specifies how the pattern matches the input. + description: 'Type specifies how the pattern + matches the input. + - * `literal` - the pattern value has to exactly match (case sensitive) the + * `literal` - the pattern value has + to exactly match (case sensitive) the + input string. This is the default. - * `regexp` - the pattern treated as a regular expression against - which the input string is tested. Crossplane will throw an error if the - key is not a valid regexp. + + * `regexp` - the pattern treated as + a regular expression against + + which the input string is tested. Crossplane + will throw an error if the + + key is not a valid regexp.' enum: - literal - regexp @@ -4682,9 +5877,10 @@ spec: type: array type: object math: - description: |- - Math is used to transform the input via mathematical operations such as - multiplication. + description: 'Math is used to transform the input + via mathematical operations such as + + multiplication.' properties: clampMax: description: ClampMax makes sure that the value @@ -4711,19 +5907,32 @@ spec: type: string type: object string: - description: |- - String is used to transform the input into a string or a different kind - of string. Note that the input does not necessarily need to be a string. + description: 'String is used to transform the input + into a string or a different kind + + of string. Note that the input does not necessarily + need to be a string.' properties: convert: - description: |- - Optional conversion method to be specified. - `ToUpper` and `ToLower` change the letter case of the input string. - `ToBase64` and `FromBase64` perform a base64 conversion based on the input string. - `ToJson` converts any input value into its raw JSON representation. - `ToSha1`, `ToSha256` and `ToSha512` generate a hash value based on the input + description: 'Optional conversion method to + be specified. + + `ToUpper` and `ToLower` change the letter + case of the input string. + + `ToBase64` and `FromBase64` perform a base64 + conversion based on the input string. + + `ToJson` converts any input value into its + raw JSON representation. + + `ToSha1`, `ToSha256` and `ToSha512` generate + a hash value based on the input + converted to JSON. - `ToAdler32` generate a addler32 hash based on the input string. + + `ToAdler32` generate a addler32 hash based + on the input string.' enum: - ToUpper - ToLower @@ -4736,18 +5945,20 @@ spec: - ToAdler32 type: string fmt: - description: |- - Format the input using a Go format string. See - https://golang.org/pkg/fmt/ for details. + description: 'Format the input using a Go format + string. See + + https://golang.org/pkg/fmt/ for details.' type: string join: description: Join defines parameters to join a slice of values to a string. properties: separator: - description: |- - Separator defines the character that should separate the values from each - other in the joined string. + description: 'Separator defines the character + that should separate the values from each + + other in the joined string.' type: string required: - separator @@ -4761,9 +5972,10 @@ spec: default) matches the entire expression. type: integer match: - description: |- - Match string. May optionally include submatches, aka capture groups. - See https://pkg.go.dev/regexp/ for details. + description: 'Match string. May optionally + include submatches, aka capture groups. + + See https://pkg.go.dev/regexp/ for details.' type: string required: - match @@ -4800,9 +6012,10 @@ spec: type: array type: default: FromCompositeFieldPath - description: |- - Type sets the patching behaviour to be used. Each patch type may require - its own fields to be set on the Patch object. + description: 'Type sets the patching behaviour to be used. + Each patch type may require + + its own fields to be set on the Patch object.' enum: - FromCompositeFieldPath - FromEnvironmentFieldPath @@ -4822,18 +6035,20 @@ spec: type: object type: array pipeline: - description: |- - Pipeline is a list of composition function steps that will be used when a - composite resource referring to this composition is created. One of + description: 'Pipeline is a list of composition function steps that + will be used when a + + composite resource referring to this composition is created. One + of + resources and pipeline must be specified - you cannot specify both. - The Pipeline is only used by the "Pipeline" mode of Composition. It is - ignored by other modes. + The Pipeline is only used by the "Pipeline" mode of Composition. + It is - THIS IS A BETA FIELD. It is not honored if the relevant Crossplane - feature flag is disabled. + ignored by other modes.' items: description: A PipelineStep in a Composition Function pipeline. properties: @@ -4841,17 +6056,19 @@ spec: description: Credentials are optional credentials that the Composition Function needs. items: - description: |- - FunctionCredentials are optional credentials that a Composition Function - needs to run. + description: 'FunctionCredentials are optional credentials + that a Composition Function + + needs to run.' properties: name: description: Name of this set of credentials. type: string secretRef: - description: |- - A SecretRef is a reference to a secret containing credentials that should - be supplied to the function. + description: 'A SecretRef is a reference to a secret containing + credentials that should + + be supplied to the function.' properties: name: description: Name of the secret. @@ -4878,9 +6095,10 @@ spec: - name x-kubernetes-list-type: map functionRef: - description: |- - FunctionRef is a reference to the Composition Function this step should - execute. + description: 'FunctionRef is a reference to the Composition + Function this step should + + execute.' properties: name: description: Name of the referenced Function. @@ -4889,10 +6107,12 @@ spec: - name type: object input: - description: |- - Input is an optional, arbitrary Kubernetes resource (i.e. a resource + description: 'Input is an optional, arbitrary Kubernetes resource + (i.e. a resource + with an apiVersion and kind) that will be passed to the Composition - Function as the 'input' of its RunFunctionRequest. + + Function as the ''input'' of its RunFunctionRequest.' type: object x-kubernetes-embedded-resource: true x-kubernetes-preserve-unknown-fields: true @@ -4910,15 +6130,21 @@ spec: publishConnectionDetailsWithStoreConfigRef: default: name: default - description: |- - PublishConnectionDetailsWithStoreConfig specifies the secret store config + description: 'PublishConnectionDetailsWithStoreConfig specifies the + secret store config + with which the connection details of composite resources dynamically + provisioned using this composition will be published. + THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored - unless the relevant Crossplane feature flag is enabled, and may be - changed or removed without notice. + + unless the relevant Crossplane feature flag is enabled, and may + be + + changed or removed without notice.' properties: name: description: Name of the referenced StoreConfig. @@ -4927,17 +6153,26 @@ spec: - name type: object resources: - description: |- - Resources is a list of resource templates that will be used when a + description: 'Resources is a list of resource templates that will + be used when a + composite resource referring to this composition is created. - Resources are only used by the "Resources" mode of Composition. They are + + Resources are only used by the "Resources" mode of Composition. + They are + ignored by other modes. + + + + Deprecated: Use Composition Functions instead.' items: - description: |- - ComposedTemplate is used to provide information about how the composed resource - should be processed. + description: 'ComposedTemplate is used to provide information about + how the composed resource + + should be processed.' properties: base: description: Base is the target resource that the patches will @@ -4946,112 +6181,158 @@ spec: x-kubernetes-embedded-resource: true x-kubernetes-preserve-unknown-fields: true connectionDetails: - description: |- - ConnectionDetails lists the propagation secret keys from this target - resource to the composition instance connection secret. + description: 'ConnectionDetails lists the propagation secret + keys from this target + + resource to the composition instance connection secret.' items: - description: |- - ConnectionDetail includes the information about the propagation of the connection - information from one secret to another. + description: 'ConnectionDetail includes the information about + the propagation of the connection + + information from one secret to another.' properties: fromConnectionSecretKey: - description: |- - FromConnectionSecretKey is the key that will be used to fetch the value - from the composed resource's connection secret. + description: 'FromConnectionSecretKey is the key that + will be used to fetch the value + + from the composed resource''s connection secret.' type: string fromFieldPath: - description: |- - FromFieldPath is the path of the field on the composed resource whose - value to be used as input. Name must be specified if the type is - FromFieldPath. + description: 'FromFieldPath is the path of the field on + the composed resource whose + + value to be used as input. Name must be specified if + the type is + + FromFieldPath.' type: string name: - description: |- - Name of the connection secret key that will be propagated to the - connection secret of the composition instance. Leave empty if you'd like - to use the same key name. + description: 'Name of the connection secret key that will + be propagated to the + + connection secret of the composition instance. Leave + empty if you''d like + + to use the same key name.' type: string type: - description: |- - Type sets the connection detail fetching behaviour to be used. Each - connection detail type may require its own fields to be set on the - ConnectionDetail object. If the type is omitted Crossplane will attempt - to infer it based on which other fields were specified. If multiple + description: 'Type sets the connection detail fetching + behaviour to be used. Each + + connection detail type may require its own fields to + be set on the + + ConnectionDetail object. If the type is omitted Crossplane + will attempt + + to infer it based on which other fields were specified. + If multiple + fields are specified the order of precedence is: + 1. FromValue + 2. FromConnectionSecretKey - 3. FromFieldPath + + 3. FromFieldPath' enum: - FromConnectionSecretKey - FromFieldPath - FromValue type: string value: - description: |- - Value that will be propagated to the connection secret of the composite - resource. May be set to inject a fixed, non-sensitive connection secret - value, for example a well-known port. + description: 'Value that will be propagated to the connection + secret of the composite + + resource. May be set to inject a fixed, non-sensitive + connection secret + + value, for example a well-known port.' type: string type: object type: array name: - description: |- - A Name uniquely identifies this entry within its Composition's resources - array. Names are optional but *strongly* recommended. When all entries in - the resources array are named entries may added, deleted, and reordered - as long as their names do not change. When entries are not named the - length and order of the resources array should be treated as immutable. - Either all or no entries must be named. + description: 'A Name uniquely identifies this entry within its + Composition''s resources + + array. Names are optional but *strongly* recommended. When + all entries in + + the resources array are named entries may added, deleted, + and reordered + + as long as their names do not change. When entries are not + named the + + length and order of the resources array should be treated + as immutable. + + Either all or no entries must be named.' type: string patches: description: Patches will be applied as overlay to the base resource. items: - description: |- - Patch objects are applied between composite and composed resources. Their + description: 'Patch objects are applied between composite + and composed resources. Their + behaviour depends on the Type selected. The default Type, - FromCompositeFieldPath, copies a value from the composite resource to - the composed resource, applying any defined transformers. + + FromCompositeFieldPath, copies a value from the composite + resource to + + the composed resource, applying any defined transformers.' properties: combine: - description: |- - Combine is the patch configuration for a CombineFromComposite, - CombineFromEnvironment, CombineToComposite or CombineToEnvironment patch. + description: 'Combine is the patch configuration for a + CombineFromComposite, + + CombineFromEnvironment, CombineToComposite or CombineToEnvironment + patch.' properties: strategy: - description: |- - Strategy defines the strategy to use to combine the input variable values. - Currently only string is supported. + description: 'Strategy defines the strategy to use + to combine the input variable values. + + Currently only string is supported.' enum: - string type: string string: - description: |- - String declares that input variables should be combined into a single - string, using the relevant settings for formatting purposes. + description: 'String declares that input variables + should be combined into a single + + string, using the relevant settings for formatting + purposes.' properties: fmt: - description: |- - Format the input using a Go format string. See - https://golang.org/pkg/fmt/ for details. + description: 'Format the input using a Go format + string. See + + https://golang.org/pkg/fmt/ for details.' type: string required: - fmt type: object variables: - description: |- - Variables are the list of variables whose values will be retrieved and - combined. + description: 'Variables are the list of variables + whose values will be retrieved and + + combined.' items: - description: |- - A CombineVariable defines the source of a value that is combined with - others to form and patch an output value. Currently, this only supports - retrieving values from a field path. + description: 'A CombineVariable defines the source + of a value that is combined with + + others to form and patch an output value. Currently, + this only supports + + retrieving values from a field path.' properties: fromFieldPath: - description: |- - FromFieldPath is the path of the field on the source whose value is - to be used as input. + description: 'FromFieldPath is the path of the + field on the source whose value is + + to be used as input.' type: string required: - fromFieldPath @@ -5063,10 +6344,12 @@ spec: - variables type: object fromFieldPath: - description: |- - FromFieldPath is the path of the field on the resource whose value is + description: 'FromFieldPath is the path of the field on + the resource whose value is + to be used as input. Required when type is FromCompositeFieldPath, - FromEnvironmentFieldPath, ToCompositeFieldPath, ToEnvironmentFieldPath. + + FromEnvironmentFieldPath, ToCompositeFieldPath, ToEnvironmentFieldPath.' type: string patchSetName: description: PatchSetName to include patches from. Required @@ -5077,11 +6360,16 @@ spec: behaviour. properties: fromFieldPath: - description: |- - FromFieldPath specifies how to patch from a field path. The default is - 'Optional', which means the patch will be a no-op if the specified - fromFieldPath does not exist. Use 'Required' if the patch should fail if - the specified path does not exist. + description: 'FromFieldPath specifies how to patch + from a field path. The default is + + ''Optional'', which means the patch will be a no-op + if the specified + + fromFieldPath does not exist. Use ''Required'' if + the patch should fail if + + the specified path does not exist.' enum: - Optional - Required @@ -5101,36 +6389,47 @@ spec: type: object type: object toFieldPath: - description: |- - ToFieldPath is the path of the field on the resource whose value will - be changed with the result of transforms. Leave empty if you'd like to - propagate to the same path as fromFieldPath. + description: 'ToFieldPath is the path of the field on + the resource whose value will + + be changed with the result of transforms. Leave empty + if you''d like to + + propagate to the same path as fromFieldPath.' type: string transforms: - description: |- - Transforms are the list of functions that are used as a FIFO pipe for the - input to be transformed. + description: 'Transforms are the list of functions that + are used as a FIFO pipe for the + + input to be transformed.' items: - description: |- - Transform is a unit of process whose input is transformed into an output with - the supplied configuration. + description: 'Transform is a unit of process whose input + is transformed into an output with + + the supplied configuration.' properties: convert: description: Convert is used to cast the input into the given output type. properties: format: - description: |- - The expected input format. + description: 'The expected input format. + * `quantity` - parses the input as a K8s [`resource.Quantity`](https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity). + Only used during `string -> float64` conversions. + * `json` - parses the input as a JSON string. - Only used during `string -> object` or `string -> list` conversions. + Only used during `string -> object` or `string + -> list` conversions. - If this property is null, the default conversion is applied. + + + If this property is null, the default conversion + is applied.' enum: - none - quantity @@ -5170,29 +6469,36 @@ spec: - Input type: string fallbackValue: - description: |- - The fallback value that should be returned by the transform if now pattern - matches. + description: 'The fallback value that should + be returned by the transform if now pattern + + matches.' x-kubernetes-preserve-unknown-fields: true patterns: - description: |- - The patterns that should be tested against the input string. - Patterns are tested in order. The value of the first match is used as - result of this transform. + description: 'The patterns that should be tested + against the input string. + + Patterns are tested in order. The value of + the first match is used as + + result of this transform.' items: - description: |- - MatchTransformPattern is a transform that returns the value that matches a - pattern. + description: 'MatchTransformPattern is a transform + that returns the value that matches a + + pattern.' properties: literal: - description: |- - Literal exactly matches the input string (case sensitive). - Is required if `type` is `literal`. + description: 'Literal exactly matches + the input string (case sensitive). + + Is required if `type` is `literal`.' type: string regexp: - description: |- - Regexp to match against the input string. - Is required if `type` is `regexp`. + description: 'Regexp to match against + the input string. + + Is required if `type` is `regexp`.' type: string result: description: The value that is used as @@ -5201,17 +6507,25 @@ spec: x-kubernetes-preserve-unknown-fields: true type: default: literal - description: |- - Type specifies how the pattern matches the input. + description: 'Type specifies how the pattern + matches the input. - * `literal` - the pattern value has to exactly match (case sensitive) the + + * `literal` - the pattern value has + to exactly match (case sensitive) the + input string. This is the default. - * `regexp` - the pattern treated as a regular expression against - which the input string is tested. Crossplane will throw an error if the - key is not a valid regexp. + + * `regexp` - the pattern treated as + a regular expression against + + which the input string is tested. Crossplane + will throw an error if the + + key is not a valid regexp.' enum: - literal - regexp @@ -5223,9 +6537,10 @@ spec: type: array type: object math: - description: |- - Math is used to transform the input via mathematical operations such as - multiplication. + description: 'Math is used to transform the input + via mathematical operations such as + + multiplication.' properties: clampMax: description: ClampMax makes sure that the value @@ -5252,19 +6567,32 @@ spec: type: string type: object string: - description: |- - String is used to transform the input into a string or a different kind - of string. Note that the input does not necessarily need to be a string. + description: 'String is used to transform the input + into a string or a different kind + + of string. Note that the input does not necessarily + need to be a string.' properties: convert: - description: |- - Optional conversion method to be specified. - `ToUpper` and `ToLower` change the letter case of the input string. - `ToBase64` and `FromBase64` perform a base64 conversion based on the input string. - `ToJson` converts any input value into its raw JSON representation. - `ToSha1`, `ToSha256` and `ToSha512` generate a hash value based on the input + description: 'Optional conversion method to + be specified. + + `ToUpper` and `ToLower` change the letter + case of the input string. + + `ToBase64` and `FromBase64` perform a base64 + conversion based on the input string. + + `ToJson` converts any input value into its + raw JSON representation. + + `ToSha1`, `ToSha256` and `ToSha512` generate + a hash value based on the input + converted to JSON. - `ToAdler32` generate a addler32 hash based on the input string. + + `ToAdler32` generate a addler32 hash based + on the input string.' enum: - ToUpper - ToLower @@ -5277,18 +6605,20 @@ spec: - ToAdler32 type: string fmt: - description: |- - Format the input using a Go format string. See - https://golang.org/pkg/fmt/ for details. + description: 'Format the input using a Go format + string. See + + https://golang.org/pkg/fmt/ for details.' type: string join: description: Join defines parameters to join a slice of values to a string. properties: separator: - description: |- - Separator defines the character that should separate the values from each - other in the joined string. + description: 'Separator defines the character + that should separate the values from each + + other in the joined string.' type: string required: - separator @@ -5302,9 +6632,10 @@ spec: default) matches the entire expression. type: integer match: - description: |- - Match string. May optionally include submatches, aka capture groups. - See https://pkg.go.dev/regexp/ for details. + description: 'Match string. May optionally + include submatches, aka capture groups. + + See https://pkg.go.dev/regexp/ for details.' type: string required: - match @@ -5341,9 +6672,10 @@ spec: type: array type: default: FromCompositeFieldPath - description: |- - Type sets the patching behaviour to be used. Each patch type may require - its own fields to be set on the Patch object. + description: 'Type sets the patching behaviour to be used. + Each patch type may require + + its own fields to be set on the Patch object.' enum: - FromCompositeFieldPath - FromEnvironmentFieldPath @@ -5360,17 +6692,22 @@ spec: readinessChecks: default: - matchCondition: - status: "True" + status: 'True' type: Ready type: MatchCondition - description: |- - ReadinessChecks allows users to define custom readiness checks. All checks - have to return true in order for resource to be considered ready. The - default readiness check is to have the "Ready" condition to be "True". + description: 'ReadinessChecks allows users to define custom + readiness checks. All checks + + have to return true in order for resource to be considered + ready. The + + default readiness check is to have the "Ready" condition to + be "True".' items: - description: |- - ReadinessCheck is used to indicate how to tell whether a resource is ready - for consumption. + description: 'ReadinessCheck is used to indicate how to tell + whether a resource is ready + + for consumption.' properties: fieldPath: description: FieldPath shows the path of the field whose @@ -5381,7 +6718,7 @@ spec: like to match if you're using "MatchCondition" type. properties: status: - default: "True" + default: 'True' description: Status is the status of the condition you'd like to match. type: string @@ -5424,15 +6761,25 @@ spec: type: object type: array writeConnectionSecretsToNamespace: - description: |- - WriteConnectionSecretsToNamespace specifies the namespace in which the - connection secrets of composite resource dynamically provisioned using + description: 'WriteConnectionSecretsToNamespace specifies the namespace + in which the + + connection secrets of composite resource dynamically provisioned + using + this composition will be created. - This field is planned to be replaced in a future release in favor of - PublishConnectionDetailsWithStoreConfigRef. Currently, both could be + + This field is planned to be replaced in a future release in favor + of + + PublishConnectionDetailsWithStoreConfigRef. Currently, both could + be + set independently and connection details would be published to both + without affecting each other as long as related fields at MR level - specified. + + specified.' type: string required: - compositeTypeRef @@ -5441,352 +6788,113 @@ spec: served: true storage: true subresources: {} +status: + acceptedNames: + categories: + - crossplane + kind: Composition + listKind: CompositionList + plural: compositions + shortNames: + - comp + singular: composition + conditions: + - lastTransitionTime: '2024-09-06T23:42:00Z' + message: no conflicts found + reason: NoConflicts + status: 'True' + type: NamesAccepted + - lastTransitionTime: '2024-09-06T23:42:00Z' + message: the initial names have been accepted + reason: InitialNamesAccepted + status: 'True' + type: Established + storedVersions: + - v1 --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.14.0 - name: environmentconfigs.apiextensions.crossplane.io + creationTimestamp: '2024-09-06T23:42:00Z' + generation: 1 + name: configurationrevisions.pkg.crossplane.io + resourceVersion: '550' + uid: 54f0ad8d-2699-4497-87f2-9a893f421eb5 spec: - group: apiextensions.crossplane.io + conversion: + strategy: None + group: pkg.crossplane.io names: categories: - crossplane - kind: EnvironmentConfig - listKind: EnvironmentConfigList - plural: environmentconfigs - shortNames: - - envcfg - singular: environmentconfig + - pkgrev + kind: ConfigurationRevision + listKind: ConfigurationRevisionList + plural: configurationrevisions + singular: configurationrevision scope: Cluster versions: - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Healthy')].status + name: HEALTHY + type: string + - jsonPath: .spec.revision + name: REVISION + type: string + - jsonPath: .spec.image + name: IMAGE + type: string + - jsonPath: .spec.desiredState + name: STATE + type: string + - jsonPath: .status.foundDependencies + name: DEP-FOUND + type: string + - jsonPath: .status.installedDependencies + name: DEP-INSTALLED + type: string - jsonPath: .metadata.creationTimestamp name: AGE type: date - name: v1alpha1 + name: v1 schema: openAPIV3Schema: - description: |- - An EnvironmentConfig contains user-defined unstructured values for - use in a Composition. + description: 'A ConfigurationRevision represents a revision of a Configuration. + Crossplane + + creates new revisions when there are changes to a Configuration. - Read the Crossplane documentation for - [more information about EnvironmentConfigs](https://docs.crossplane.io/latest/concepts/environment-configs). + + Crossplane creates and manages ConfigurationRevision. Don''t directly edit + + ConfigurationRevisions.' properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and + description: 'APIVersion defines the versioned schema of this representation + of an object. + + Servers should convert recognized schemas to the latest internal value, + and + may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string - data: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - description: |- - The data of this EnvironmentConfig. - This may contain any kind of structure that can be serialized into JSON. - type: object kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - type: object - served: true - storage: true - subresources: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: usages.apiextensions.crossplane.io -spec: - group: apiextensions.crossplane.io - names: - categories: - - crossplane - kind: Usage - listKind: UsageList - plural: usages - singular: usage - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .metadata.annotations.crossplane\.io/usage-details - name: DETAILS - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: READY - type: string - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: |- - A Usage defines a deletion blocking relationship between two resources. - + description: 'Kind is a string value representing the REST resource this + object represents. - Usages prevent accidental deletion of a single resource or deletion of - resources with dependent resources. + Servers may infer this from the endpoint the client submits requests + to. - - Read the Crossplane documentation for - [more information about Compositions](https://docs.crossplane.io/latest/concepts/usages). - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: UsageSpec defines the desired state of Usage. - properties: - by: - description: By is the resource that is "using the other resource". - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: |- - Kind of the referent. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - resourceRef: - description: Reference to the resource. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - resourceSelector: - description: |- - Selector to the resource. - This field will be ignored if ResourceRef is set. - properties: - matchControllerRef: - description: |- - MatchControllerRef ensures an object with the same controller reference - as the selecting object is selected. - type: boolean - matchLabels: - additionalProperties: - type: string - description: MatchLabels ensures an object with matching labels - is selected. - type: object - type: object - type: object - x-kubernetes-validations: - - message: either a resource reference or a resource selector should - be set. - rule: has(self.resourceRef) || has(self.resourceSelector) - of: - description: Of is the resource that is "being used". - properties: - apiVersion: - description: API version of the referent. - type: string - kind: - description: |- - Kind of the referent. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - resourceRef: - description: Reference to the resource. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - resourceSelector: - description: |- - Selector to the resource. - This field will be ignored if ResourceRef is set. - properties: - matchControllerRef: - description: |- - MatchControllerRef ensures an object with the same controller reference - as the selecting object is selected. - type: boolean - matchLabels: - additionalProperties: - type: string - description: MatchLabels ensures an object with matching labels - is selected. - type: object - type: object - type: object - x-kubernetes-validations: - - message: either a resource reference or a resource selector should - be set. - rule: has(self.resourceRef) || has(self.resourceSelector) - reason: - description: Reason is the reason for blocking deletion of the resource. - type: string - replayDeletion: - description: ReplayDeletion will trigger a deletion on the used resource - during the deletion of the usage itself, if it was attempted to - be deleted at least once. - type: boolean - required: - - of - type: object - x-kubernetes-validations: - - message: either "spec.by" or "spec.reason" must be specified. - rule: has(self.by) || has(self.reason) - status: - description: UsageStatus defines the observed state of Usage. - properties: - conditions: - description: Conditions of the resource. - items: - description: A Condition that may apply to a resource. - properties: - lastTransitionTime: - description: |- - LastTransitionTime is the last time this condition transitioned from one - status to another. - format: date-time - type: string - message: - description: |- - A Message containing details about this condition's last transition from - one status to another, if any. - type: string - observedGeneration: - description: |- - ObservedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - type: integer - reason: - description: A Reason for this condition's last transition from - one status to another. - type: string - status: - description: Status of this condition; is it currently True, - False, or Unknown? - type: string - type: - description: |- - Type of this condition. At most one of each condition type may apply to - a resource at any point in time. - type: string - required: - - lastTransitionTime - - reason - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: configurationrevisions.pkg.crossplane.io -spec: - group: pkg.crossplane.io - names: - categories: - - crossplane - - pkgrev - kind: ConfigurationRevision - listKind: ConfigurationRevisionList - plural: configurationrevisions - singular: configurationrevision - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Healthy')].status - name: HEALTHY - type: string - - jsonPath: .spec.revision - name: REVISION - type: string - - jsonPath: .spec.image - name: IMAGE - type: string - - jsonPath: .spec.desiredState - name: STATE - type: string - - jsonPath: .status.foundDependencies - name: DEP-FOUND - type: string - - jsonPath: .status.installedDependencies - name: DEP-INSTALLED - type: string - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - name: v1 - schema: - openAPIV3Schema: - description: |- - A ConfigurationRevision represents a revision of a Configuration. Crossplane - creates new revisions when there are changes to a Configuration. - - Crossplane creates and manages ConfigurationRevision. Don't directly edit - ConfigurationRevisions. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object @@ -5796,11 +6904,14 @@ spec: commonLabels: additionalProperties: type: string - description: |- - Map of string keys and values that can be used to organize and categorize + description: 'Map of string keys and values that can be used to organize + and categorize + (scope and select) objects. May match selectors of replication controllers + and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/' type: object desiredState: description: DesiredState of the PackageRevision. Can be either Active @@ -5808,10 +6919,12 @@ spec: type: string ignoreCrossplaneConstraints: default: false - description: |- - IgnoreCrossplaneConstraints indicates to the package manager whether to + description: 'IgnoreCrossplaneConstraints indicates to the package + manager whether to + honor Crossplane version constrains specified by the package. - Default is false. + + Default is false.' type: boolean image: description: Package image used by install Pod to extract package @@ -5819,44 +6932,58 @@ spec: type: string packagePullPolicy: default: IfNotPresent - description: |- - PackagePullPolicy defines the pull policy for the package. It is also - applied to any images pulled for the package, such as a provider's + description: 'PackagePullPolicy defines the pull policy for the package. + It is also + + applied to any images pulled for the package, such as a provider''s + controller image. - Default is IfNotPresent. + + Default is IfNotPresent.' type: string packagePullSecrets: - description: |- - PackagePullSecrets are named secrets in the same namespace that can be - used to fetch packages from private registries. They are also applied to - any images pulled for the package, such as a provider's controller image. + description: 'PackagePullSecrets are named secrets in the same namespace + that can be + + used to fetch packages from private registries. They are also applied + to + + any images pulled for the package, such as a provider''s controller + image.' items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. + description: 'LocalObjectReference contains enough information to + let you locate the + + referenced object inside the same namespace.' properties: name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic type: array revision: - description: |- - Revision number. Indicates when the revision will be garbage collected - based on the parent's RevisionHistoryLimit. + description: 'Revision number. Indicates when the revision will be + garbage collected + + based on the parent''s RevisionHistoryLimit.' format: int64 type: integer skipDependencyResolution: default: false - description: |- - SkipDependencyResolution indicates to the package manager whether to skip - resolving dependencies for a package. Setting this value to true may have + description: 'SkipDependencyResolution indicates to the package manager + whether to skip + + resolving dependencies for a package. Setting this value to true + may have + unintended consequences. - Default is false. + + Default is false.' type: boolean required: - desiredState @@ -5873,21 +7000,27 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: |- - LastTransitionTime is the last time this condition transitioned from one - status to another. + description: 'LastTransitionTime is the last time this condition + transitioned from one + + status to another.' format: date-time type: string message: - description: |- - A Message containing details about this condition's last transition from - one status to another, if any. + description: 'A Message containing details about this condition''s + last transition from + + one status to another, if any.' type: string observedGeneration: - description: |- - ObservedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. + description: 'ObservedGeneration represents the .metadata.generation + that the condition was set based upon. + + For instance, if .metadata.generation is currently 12, but + the .status.conditions[x].observedGeneration is 9, the condition + is out of date + + with respect to the current state of the instance.' format: int64 type: integer reason: @@ -5899,9 +7032,10 @@ spec: False, or Unknown? type: string type: - description: |- - Type of this condition. At most one of each condition type may apply to - a resource at any point in time. + description: 'Type of this condition. At most one of each condition + type may apply to + + a resource at any point in time.' type: string required: - lastTransitionTime @@ -5926,11 +7060,14 @@ spec: objectRefs: description: References to objects owned by PackageRevision. items: - description: |- - A TypedReference refers to an object by Name, Kind, and APIVersion. It is - commonly used to reference cluster-scoped objects or objects where the - namespace is already known. - properties: + description: 'A TypedReference refers to an object by Name, Kind, + and APIVersion. It is + + commonly used to reference cluster-scoped objects or objects where + the + + namespace is already known.' + properties: apiVersion: description: APIVersion of the referenced object. type: string @@ -5950,30 +7087,46 @@ spec: type: object type: array permissionRequests: - description: |- - PermissionRequests made by this package. The package declares that its + description: 'PermissionRequests made by this package. The package + declares that its + controller needs these permissions to run. The RBAC manager is - responsible for granting them. + + responsible for granting them.' items: - description: |- - PolicyRule holds information that describes a policy rule, but does not contain information - about who the rule applies to or which namespace the rule applies to. + description: 'PolicyRule holds information that describes a policy + rule, but does not contain information + + about who the rule applies to or which namespace the rule applies + to.' properties: apiGroups: - description: |- - APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of - the enumerated resources in any API group will be allowed. "" represents the core API group and "*" represents all API groups. + description: 'APIGroups is the name of the APIGroup that contains + the resources. If multiple API groups are specified, any + action requested against one of + + the enumerated resources in any API group will be allowed. + "" represents the core API group and "*" represents all API + groups.' items: type: string type: array + x-kubernetes-list-type: atomic nonResourceURLs: - description: |- - NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path - Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding. - Rules can either apply to API resources (such as "pods" or "secrets") or non-resource URL paths (such as "/api"), but not both. + description: 'NonResourceURLs is a set of partial urls that + a user should have access to. *s are allowed, but only as + the full, final step in the path + + Since non-resource URLs are not namespaced, this field is + only applicable for ClusterRoles referenced from a ClusterRoleBinding. + + Rules can either apply to API resources (such as "pods" or + "secrets") or non-resource URL paths (such as "/api"), but + not both.' items: type: string type: array + x-kubernetes-list-type: atomic resourceNames: description: ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything @@ -5981,18 +7134,21 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic resources: description: Resources is a list of resources this rule applies to. '*' represents all resources. items: type: string type: array + x-kubernetes-list-type: atomic verbs: description: Verbs is a list of Verbs that apply to ALL the ResourceKinds contained in this rule. '*' represents all verbs. items: type: string type: array + x-kubernetes-list-type: atomic required: - verbs type: object @@ -6003,14 +7159,42 @@ spec: storage: true subresources: status: {} +status: + acceptedNames: + categories: + - crossplane + - pkgrev + kind: ConfigurationRevision + listKind: ConfigurationRevisionList + plural: configurationrevisions + singular: configurationrevision + conditions: + - lastTransitionTime: '2024-09-06T23:42:00Z' + message: no conflicts found + reason: NoConflicts + status: 'True' + type: NamesAccepted + - lastTransitionTime: '2024-09-06T23:42:00Z' + message: the initial names have been accepted + reason: InitialNamesAccepted + status: 'True' + type: Established + storedVersions: + - v1 --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.14.0 + creationTimestamp: '2024-09-06T23:42:00Z' + generation: 1 name: configurations.pkg.crossplane.io + resourceVersion: '552' + uid: 965b3b2e-7868-462b-9db6-43d38033bc7c spec: + conversion: + strategy: None group: pkg.crossplane.io names: categories: @@ -6038,102 +7222,132 @@ spec: name: v1 schema: openAPIV3Schema: - description: |- - A Configuration installs an OCI compatible Crossplane package, extending + description: 'A Configuration installs an OCI compatible Crossplane package, + extending + Crossplane with support for new kinds of CompositeResourceDefinitions and + Compositions. + Read the Crossplane documentation for - [more information about Configuration packages](https://docs.crossplane.io/latest/concepts/packages). + + [more information about Configuration packages](https://docs.crossplane.io/latest/concepts/packages).' properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and + description: 'APIVersion defines the versioned schema of this representation + of an object. + + Servers should convert recognized schemas to the latest internal value, + and + may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. + description: 'Kind is a string value representing the REST resource this + object represents. + + Servers may infer this from the endpoint the client submits requests + to. + Cannot be updated. + In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: |- - ConfigurationSpec specifies details about a request to install a - configuration to Crossplane. + description: 'ConfigurationSpec specifies details about a request to install + a + + configuration to Crossplane.' properties: commonLabels: additionalProperties: type: string - description: |- - Map of string keys and values that can be used to organize and categorize + description: 'Map of string keys and values that can be used to organize + and categorize + (scope and select) objects. May match selectors of replication controllers + and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/' type: object ignoreCrossplaneConstraints: default: false - description: |- - IgnoreCrossplaneConstraints indicates to the package manager whether to + description: 'IgnoreCrossplaneConstraints indicates to the package + manager whether to + honor Crossplane version constrains specified by the package. - Default is false. + + Default is false.' type: boolean package: description: Package is the name of the package that is being requested. type: string packagePullPolicy: default: IfNotPresent - description: |- - PackagePullPolicy defines the pull policy for the package. - Default is IfNotPresent. + description: 'PackagePullPolicy defines the pull policy for the package. + + Default is IfNotPresent.' type: string packagePullSecrets: - description: |- - PackagePullSecrets are named secrets in the same namespace that can be used - to fetch packages from private registries. + description: 'PackagePullSecrets are named secrets in the same namespace + that can be used + + to fetch packages from private registries.' items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. + description: 'LocalObjectReference contains enough information to + let you locate the + + referenced object inside the same namespace.' properties: name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic type: array revisionActivationPolicy: default: Automatic - description: |- - RevisionActivationPolicy specifies how the package controller should + description: 'RevisionActivationPolicy specifies how the package controller + should + update from one revision to the next. Options are Automatic or Manual. - Default is Automatic. + + Default is Automatic.' type: string revisionHistoryLimit: default: 1 - description: |- - RevisionHistoryLimit dictates how the package controller cleans up old + description: 'RevisionHistoryLimit dictates how the package controller + cleans up old + inactive package revisions. - Defaults to 1. Can be disabled by explicitly setting to 0. + + Defaults to 1. Can be disabled by explicitly setting to 0.' format: int64 type: integer skipDependencyResolution: default: false - description: |- - SkipDependencyResolution indicates to the package manager whether to skip - resolving dependencies for a package. Setting this value to true may have + description: 'SkipDependencyResolution indicates to the package manager + whether to skip + + resolving dependencies for a package. Setting this value to true + may have + unintended consequences. - Default is false. + + Default is false.' type: boolean required: - package @@ -6147,21 +7361,27 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: |- - LastTransitionTime is the last time this condition transitioned from one - status to another. + description: 'LastTransitionTime is the last time this condition + transitioned from one + + status to another.' format: date-time type: string message: - description: |- - A Message containing details about this condition's last transition from - one status to another, if any. + description: 'A Message containing details about this condition''s + last transition from + + one status to another, if any.' type: string observedGeneration: - description: |- - ObservedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. + description: 'ObservedGeneration represents the .metadata.generation + that the condition was set based upon. + + For instance, if .metadata.generation is currently 12, but + the .status.conditions[x].observedGeneration is 9, the condition + is out of date + + with respect to the current state of the instance.' format: int64 type: integer reason: @@ -6173,9 +7393,10 @@ spec: False, or Unknown? type: string type: - description: |- - Type of this condition. At most one of each condition type may apply to - a resource at any point in time. + description: 'Type of this condition. At most one of each condition + type may apply to + + a resource at any point in time.' type: string required: - lastTransitionTime @@ -6188,19 +7409,29 @@ spec: - type x-kubernetes-list-type: map currentIdentifier: - description: |- - CurrentIdentifier is the most recent package source that was used to + description: 'CurrentIdentifier is the most recent package source + that was used to + produce a revision. The package manager uses this field to determine + whether to check for package updates for a given source when - packagePullPolicy is set to IfNotPresent. Manually removing this field - will cause the package manager to check that the current revision is - correct for the given package source. + + packagePullPolicy is set to IfNotPresent. Manually removing this + field + + will cause the package manager to check that the current revision + is + + correct for the given package source.' type: string currentRevision: - description: |- - CurrentRevision is the name of the current package revision. It will - reflect the most up to date revision, whether it has been activated or - not. + description: 'CurrentRevision is the name of the current package revision. + It will + + reflect the most up to date revision, whether it has been activated + or + + not.' type: string type: object type: object @@ -6208,14 +7439,42 @@ spec: storage: true subresources: status: {} +status: + acceptedNames: + categories: + - crossplane + - pkg + kind: Configuration + listKind: ConfigurationList + plural: configurations + singular: configuration + conditions: + - lastTransitionTime: '2024-09-06T23:42:00Z' + message: no conflicts found + reason: NoConflicts + status: 'True' + type: NamesAccepted + - lastTransitionTime: '2024-09-06T23:42:00Z' + message: the initial names have been accepted + reason: InitialNamesAccepted + status: 'True' + type: Established + storedVersions: + - v1 --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.14.0 + creationTimestamp: '2024-09-06T23:42:00Z' + generation: 1 name: controllerconfigs.pkg.crossplane.io + resourceVersion: '555' + uid: 6b10834b-f8a0-4eb4-9f84-19316ca26523 spec: + conversion: + strategy: None group: pkg.crossplane.io names: kind: ControllerConfig @@ -6234,39 +7493,56 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: |- - A ControllerConfig applies settings to controllers like Provider pods. + description: 'A ControllerConfig applies settings to controllers like Provider + pods. + Deprecated: Use the + [DeploymentRuntimeConfig](https://docs.crossplane.io/latest/concepts/providers#runtime-configuration) + instead. + Read the + [Package Runtime Configuration](https://github.com/crossplane/crossplane/blob/11bbe13ea3604928cc4e24e8d0d18f3f5f7e847c/design/one-pager-package-runtime-config.md) - design document for more details. + + design document for more details.' properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and + description: 'APIVersion defines the versioned schema of this representation + of an object. + + Servers should convert recognized schemas to the latest internal value, + and + may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. + description: 'Kind is a string value representing the REST resource this + object represents. + + Servers may infer this from the endpoint the client submits requests + to. + Cannot be updated. + In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: |- - ControllerConfigSpec specifies the configuration for a packaged controller. + description: 'ControllerConfigSpec specifies the configuration for a packaged + controller. + Values provided will override package manager defaults. Labels and - annotations are passed to both the controller Deployment and ServiceAccount. + + annotations are passed to both the controller Deployment and ServiceAccount.' properties: affinity: description: If specified, the pod's scheduling constraints @@ -6276,20 +7552,37 @@ spec: pod. properties: preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; the - node(s) with the highest sum are the most preferred. + description: 'The scheduler will prefer to schedule pods to + nodes that satisfy + + the affinity expressions specified by this field, but it + may choose + + a node that violates one or more of the expressions. The + node that is + + most preferred is the one with the greatest sum of weights, + i.e. + + for each node that meets all of the scheduling requirements + (resource + + request, requiredDuringScheduling affinity expressions, + etc.), + + compute a sum by iterating through the elements of this + field and adding + + "weight" to the sum if the node matches the corresponding + matchExpressions; the + + node(s) with the highest sum are the most preferred.' items: - description: |- - An empty preferred scheduling term matches all objects with implicit weight 0 - (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + description: 'An empty preferred scheduling term matches + all objects with implicit weight 0 + + (i.e. it''s a no-op). A null preferred scheduling term + matches no objects (i.e. is also a no-op).' properties: preference: description: A node selector term, associated with the @@ -6299,66 +7592,94 @@ spec: description: A list of node selector requirements by node's labels. items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. + description: 'A node selector requirement is a + selector that contains values, a key, and an + operator + + that relates the key and values.' properties: key: description: The label key that the selector applies to. type: string operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + description: 'Represents a key''s relationship + to a set of values. + + Valid operators are In, NotIn, Exists, DoesNotExist. + Gt, and Lt.' type: string values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. + description: 'An array of string values. If + the operator is In or NotIn, + + the values array must be non-empty. If the + operator is Exists or DoesNotExist, + + the values array must be empty. If the operator + is Gt or Lt, the values + + array must have a single element, which + will be interpreted as an integer. + + This array is replaced during a strategic + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchFields: description: A list of node selector requirements by node's fields. items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. + description: 'A node selector requirement is a + selector that contains values, a key, and an + operator + + that relates the key and values.' properties: key: description: The label key that the selector applies to. type: string operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + description: 'Represents a key''s relationship + to a set of values. + + Valid operators are In, NotIn, Exists, DoesNotExist. + Gt, and Lt.' type: string values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. + description: 'An array of string values. If + the operator is In or NotIn, + + the values array must be non-empty. If the + operator is Exists or DoesNotExist, + + the values array must be empty. If the operator + is Gt or Lt, the values + + array must have a single element, which + will be interpreted as an integer. + + This array is replaced during a strategic + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic type: object x-kubernetes-map-type: atomic weight: @@ -6371,90 +7692,131 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to an update), the system - may or may not try to eventually evict the pod from its node. + description: 'If the affinity requirements specified by this + field are not met at + + scheduling time, the pod will not be scheduled onto the + node. + + If the affinity requirements specified by this field cease + to be met + + at some point during pod execution (e.g. due to an update), + the system + + may or may not try to eventually evict the pod from its + node.' properties: nodeSelectorTerms: description: Required. A list of node selector terms. The terms are ORed. items: - description: |- - A null or empty node selector term matches no objects. The requirements of + description: 'A null or empty node selector term matches + no objects. The requirements of + them are ANDed. - The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + + The TopologySelectorTerm type implements a subset + of the NodeSelectorTerm.' properties: matchExpressions: description: A list of node selector requirements by node's labels. items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. + description: 'A node selector requirement is a + selector that contains values, a key, and an + operator + + that relates the key and values.' properties: key: description: The label key that the selector applies to. type: string operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + description: 'Represents a key''s relationship + to a set of values. + + Valid operators are In, NotIn, Exists, DoesNotExist. + Gt, and Lt.' type: string values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. + description: 'An array of string values. If + the operator is In or NotIn, + + the values array must be non-empty. If the + operator is Exists or DoesNotExist, + + the values array must be empty. If the operator + is Gt or Lt, the values + + array must have a single element, which + will be interpreted as an integer. + + This array is replaced during a strategic + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchFields: description: A list of node selector requirements by node's fields. items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. + description: 'A node selector requirement is a + selector that contains values, a key, and an + operator + + that relates the key and values.' properties: key: description: The label key that the selector applies to. type: string operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + description: 'Represents a key''s relationship + to a set of values. + + Valid operators are In, NotIn, Exists, DoesNotExist. + Gt, and Lt.' type: string values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. + description: 'An array of string values. If + the operator is In or NotIn, + + the values array must be non-empty. If the + operator is Exists or DoesNotExist, + + the values array must be empty. If the operator + is Gt or Lt, the values + + array must have a single element, which + will be interpreted as an integer. + + This array is replaced during a strategic + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic type: object x-kubernetes-map-type: atomic type: array + x-kubernetes-list-type: atomic required: - nodeSelectorTerms type: object @@ -6465,16 +7827,31 @@ spec: this pod in the same node, zone, etc. as some other pod(s)). properties: preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. + description: 'The scheduler will prefer to schedule pods to + nodes that satisfy + + the affinity expressions specified by this field, but it + may choose + + a node that violates one or more of the expressions. The + node that is + + most preferred is the one with the greatest sum of weights, + i.e. + + for each node that meets all of the scheduling requirements + (resource + + request, requiredDuringScheduling affinity expressions, + etc.), + + compute a sum by iterating through the elements of this + field and adding + + "weight" to the sum if the node has pods which matches the + corresponding podAffinityTerm; the + + node(s) with the highest sum are the most preferred.' items: description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) @@ -6484,156 +7861,240 @@ spec: with the corresponding weight. properties: labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. + description: 'A label query over a set of resources, + in this case pods. + + If it''s null, this PodAffinityTerm matches with + no Pods.' properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. + description: 'A label selector requirement + is a selector that contains values, a key, + and an operator that + + relates the key and values.' properties: key: description: key is the label key that the selector applies to. type: string operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. + description: 'operator represents a key''s + relationship to a set of values. + + Valid operators are In, NotIn, Exists + and DoesNotExist.' type: string values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. + description: 'values is an array of string + values. If the operator is In or NotIn, + + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + + the values array must be empty. This + array is replaced during a strategic + + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. + description: 'matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + + map is equivalent to an element of matchExpressions, + whose key field is "key", the + + operator is "In", and the values array contains + only "value". The requirements are ANDed.' type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + description: 'MatchLabelKeys is a set of pod label + keys to select which pods will + + be taken into consideration. The keys are used + to lookup values from the + + incoming pod labels, those key-value labels are + merged with `labelSelector` as `key in (value)` + + to select the group of existing pods which pods + will be taken into consideration + + for the incoming pod''s pod (anti) affinity. Keys + that don''t exist in the incoming + + pod labels will be ignored. The default value + is empty. + + The same key is forbidden to exist in both matchLabelKeys + and labelSelector. + + Also, matchLabelKeys cannot be set when labelSelector + isn''t set. + + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity + feature gate.' items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + description: 'MismatchLabelKeys is a set of pod + label keys to select which pods will + + be taken into consideration. The keys are used + to lookup values from the + + incoming pod labels, those key-value labels are + merged with `labelSelector` as `key notin (value)` + + to select the group of existing pods which pods + will be taken into consideration + + for the incoming pod''s pod (anti) affinity. Keys + that don''t exist in the incoming + + pod labels will be ignored. The default value + is empty. + + The same key is forbidden to exist in both mismatchLabelKeys + and labelSelector. + + Also, mismatchLabelKeys cannot be set when labelSelector + isn''t set. + + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity + feature gate.' items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field + description: 'A label query over the set of namespaces + that the term applies to. + + The term is applied to the union of the namespaces + selected by this field + and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. + + null selector and null or empty namespaces list + means "this pod''s namespace". + + An empty selector ({}) matches all namespaces.' properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. + description: 'A label selector requirement + is a selector that contains values, a key, + and an operator that + + relates the key and values.' properties: key: description: key is the label key that the selector applies to. type: string operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. + description: 'operator represents a key''s + relationship to a set of values. + + Valid operators are In, NotIn, Exists + and DoesNotExist.' type: string values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. + description: 'values is an array of string + values. If the operator is In or NotIn, + + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + + the values array must be empty. This + array is replaced during a strategic + + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. + description: 'matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + + map is equivalent to an element of matchExpressions, + whose key field is "key", the + + operator is "In", and the values array contains + only "value". The requirements are ANDed.' type: object type: object x-kubernetes-map-type: atomic namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field + description: 'namespaces specifies a static list + of namespace names that the term applies to. + + The term is applied to the union of the namespaces + listed in this field + and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". + + null or empty namespaces list and null namespaceSelector + means "this pod''s namespace".' items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the + description: 'This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching + + the labelSelector in the specified namespaces, + where co-located is defined as running on a node + + whose value of the label with key topologyKey + matches that of any node on which any of the + selected pods is running. - Empty topologyKey is not allowed. + + Empty topologyKey is not allowed.' type: string required: - topologyKey type: object weight: - description: |- - weight associated with matching the corresponding podAffinityTerm, - in the range 1-100. + description: 'weight associated with matching the corresponding + podAffinityTerm, + + in the range 1-100.' format: int32 type: integer required: @@ -6641,170 +8102,273 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to a pod label update), the - system may or may not try to eventually evict the pod from its node. - When there are multiple elements, the lists of nodes corresponding to each - podAffinityTerm are intersected, i.e. all terms must be satisfied. + description: 'If the affinity requirements specified by this + field are not met at + + scheduling time, the pod will not be scheduled onto the + node. + + If the affinity requirements specified by this field cease + to be met + + at some point during pod execution (e.g. due to a pod label + update), the + + system may or may not try to eventually evict the pod from + its node. + + When there are multiple elements, the lists of nodes corresponding + to each + + podAffinityTerm are intersected, i.e. all terms must be + satisfied.' items: - description: |- - Defines a set of pods (namely those matching the labelSelector - relative to the given namespace(s)) that this pod should be - co-located (affinity) or not co-located (anti-affinity) with, - where co-located is defined as running on a node whose value of - the label with key matches that of any node on which - a pod of the set of pods is running + description: 'Defines a set of pods (namely those matching + the labelSelector + + relative to the given namespace(s)) that this pod should + be + + co-located (affinity) or not co-located (anti-affinity) + with, + + where co-located is defined as running on a node whose + value of + + the label with key matches that of any node + on which + + a pod of the set of pods is running' properties: labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. + description: 'A label query over a set of resources, + in this case pods. + + If it''s null, this PodAffinityTerm matches with no + Pods.' properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. + description: 'A label selector requirement is + a selector that contains values, a key, and + an operator that + + relates the key and values.' properties: key: description: key is the label key that the selector applies to. type: string operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. + description: 'operator represents a key''s + relationship to a set of values. + + Valid operators are In, NotIn, Exists and + DoesNotExist.' type: string values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. + description: 'values is an array of string + values. If the operator is In or NotIn, + + the values array must be non-empty. If the + operator is Exists or DoesNotExist, + + the values array must be empty. This array + is replaced during a strategic + + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. + description: 'matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + + map is equivalent to an element of matchExpressions, + whose key field is "key", the + + operator is "In", and the values array contains + only "value". The requirements are ANDed.' type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + description: 'MatchLabelKeys is a set of pod label keys + to select which pods will + + be taken into consideration. The keys are used to + lookup values from the + + incoming pod labels, those key-value labels are merged + with `labelSelector` as `key in (value)` + + to select the group of existing pods which pods will + be taken into consideration + + for the incoming pod''s pod (anti) affinity. Keys + that don''t exist in the incoming + pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + + The same key is forbidden to exist in both matchLabelKeys + and labelSelector. + + Also, matchLabelKeys cannot be set when labelSelector + isn''t set. + + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity + feature gate.' items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + description: 'MismatchLabelKeys is a set of pod label + keys to select which pods will + + be taken into consideration. The keys are used to + lookup values from the + + incoming pod labels, those key-value labels are merged + with `labelSelector` as `key notin (value)` + + to select the group of existing pods which pods will + be taken into consideration + + for the incoming pod''s pod (anti) affinity. Keys + that don''t exist in the incoming + pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + + The same key is forbidden to exist in both mismatchLabelKeys + and labelSelector. + + Also, mismatchLabelKeys cannot be set when labelSelector + isn''t set. + + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity + feature gate.' items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field + description: 'A label query over the set of namespaces + that the term applies to. + + The term is applied to the union of the namespaces + selected by this field + and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. + + null selector and null or empty namespaces list means + "this pod''s namespace". + + An empty selector ({}) matches all namespaces.' properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. + description: 'A label selector requirement is + a selector that contains values, a key, and + an operator that + + relates the key and values.' properties: key: description: key is the label key that the selector applies to. type: string operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. + description: 'operator represents a key''s + relationship to a set of values. + + Valid operators are In, NotIn, Exists and + DoesNotExist.' type: string values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. + description: 'values is an array of string + values. If the operator is In or NotIn, + + the values array must be non-empty. If the + operator is Exists or DoesNotExist, + + the values array must be empty. This array + is replaced during a strategic + + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. + description: 'matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + + map is equivalent to an element of matchExpressions, + whose key field is "key", the + + operator is "In", and the values array contains + only "value". The requirements are ANDed.' type: object type: object x-kubernetes-map-type: atomic namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field + description: 'namespaces specifies a static list of + namespace names that the term applies to. + + The term is applied to the union of the namespaces + listed in this field + and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". + + null or empty namespaces list and null namespaceSelector + means "this pod''s namespace".' items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the + description: 'This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + + the labelSelector in the specified namespaces, where + co-located is defined as running on a node + + whose value of the label with key topologyKey matches + that of any node on which any of the + selected pods is running. - Empty topologyKey is not allowed. + + Empty topologyKey is not allowed.' type: string required: - topologyKey type: object type: array + x-kubernetes-list-type: atomic type: object podAntiAffinity: description: Describes pod anti-affinity scheduling rules (e.g. @@ -6812,16 +8376,31 @@ spec: other pod(s)). properties: preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the anti-affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling anti-affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. + description: 'The scheduler will prefer to schedule pods to + nodes that satisfy + + the anti-affinity expressions specified by this field, but + it may choose + + a node that violates one or more of the expressions. The + node that is + + most preferred is the one with the greatest sum of weights, + i.e. + + for each node that meets all of the scheduling requirements + (resource + + request, requiredDuringScheduling anti-affinity expressions, + etc.), + + compute a sum by iterating through the elements of this + field and adding + + "weight" to the sum if the node has pods which matches the + corresponding podAffinityTerm; the + + node(s) with the highest sum are the most preferred.' items: description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) @@ -6831,156 +8410,240 @@ spec: with the corresponding weight. properties: labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. + description: 'A label query over a set of resources, + in this case pods. + + If it''s null, this PodAffinityTerm matches with + no Pods.' properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. + description: 'A label selector requirement + is a selector that contains values, a key, + and an operator that + + relates the key and values.' properties: key: description: key is the label key that the selector applies to. type: string operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. + description: 'operator represents a key''s + relationship to a set of values. + + Valid operators are In, NotIn, Exists + and DoesNotExist.' type: string values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. + description: 'values is an array of string + values. If the operator is In or NotIn, + + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + + the values array must be empty. This + array is replaced during a strategic + + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. + description: 'matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + + map is equivalent to an element of matchExpressions, + whose key field is "key", the + + operator is "In", and the values array contains + only "value". The requirements are ANDed.' type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array - x-kubernetes-list-type: atomic - mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string + description: 'MatchLabelKeys is a set of pod label + keys to select which pods will + + be taken into consideration. The keys are used + to lookup values from the + + incoming pod labels, those key-value labels are + merged with `labelSelector` as `key in (value)` + + to select the group of existing pods which pods + will be taken into consideration + + for the incoming pod''s pod (anti) affinity. Keys + that don''t exist in the incoming + + pod labels will be ignored. The default value + is empty. + + The same key is forbidden to exist in both matchLabelKeys + and labelSelector. + + Also, matchLabelKeys cannot be set when labelSelector + isn''t set. + + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity + feature gate.' + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: 'MismatchLabelKeys is a set of pod + label keys to select which pods will + + be taken into consideration. The keys are used + to lookup values from the + + incoming pod labels, those key-value labels are + merged with `labelSelector` as `key notin (value)` + + to select the group of existing pods which pods + will be taken into consideration + + for the incoming pod''s pod (anti) affinity. Keys + that don''t exist in the incoming + + pod labels will be ignored. The default value + is empty. + + The same key is forbidden to exist in both mismatchLabelKeys + and labelSelector. + + Also, mismatchLabelKeys cannot be set when labelSelector + isn''t set. + + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity + feature gate.' + items: + type: string type: array x-kubernetes-list-type: atomic namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field + description: 'A label query over the set of namespaces + that the term applies to. + + The term is applied to the union of the namespaces + selected by this field + and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. + + null selector and null or empty namespaces list + means "this pod''s namespace". + + An empty selector ({}) matches all namespaces.' properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. + description: 'A label selector requirement + is a selector that contains values, a key, + and an operator that + + relates the key and values.' properties: key: description: key is the label key that the selector applies to. type: string operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. + description: 'operator represents a key''s + relationship to a set of values. + + Valid operators are In, NotIn, Exists + and DoesNotExist.' type: string values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. + description: 'values is an array of string + values. If the operator is In or NotIn, + + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + + the values array must be empty. This + array is replaced during a strategic + + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. + description: 'matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + + map is equivalent to an element of matchExpressions, + whose key field is "key", the + + operator is "In", and the values array contains + only "value". The requirements are ANDed.' type: object type: object x-kubernetes-map-type: atomic namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field + description: 'namespaces specifies a static list + of namespace names that the term applies to. + + The term is applied to the union of the namespaces + listed in this field + and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". + + null or empty namespaces list and null namespaceSelector + means "this pod''s namespace".' items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the + description: 'This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching + + the labelSelector in the specified namespaces, + where co-located is defined as running on a node + + whose value of the label with key topologyKey + matches that of any node on which any of the + selected pods is running. - Empty topologyKey is not allowed. + + Empty topologyKey is not allowed.' type: string required: - topologyKey type: object weight: - description: |- - weight associated with matching the corresponding podAffinityTerm, - in the range 1-100. + description: 'weight associated with matching the corresponding + podAffinityTerm, + + in the range 1-100.' format: int32 type: integer required: @@ -6988,189 +8651,301 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the anti-affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the anti-affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to a pod label update), the - system may or may not try to eventually evict the pod from its node. - When there are multiple elements, the lists of nodes corresponding to each - podAffinityTerm are intersected, i.e. all terms must be satisfied. + description: 'If the anti-affinity requirements specified + by this field are not met at + + scheduling time, the pod will not be scheduled onto the + node. + + If the anti-affinity requirements specified by this field + cease to be met + + at some point during pod execution (e.g. due to a pod label + update), the + + system may or may not try to eventually evict the pod from + its node. + + When there are multiple elements, the lists of nodes corresponding + to each + + podAffinityTerm are intersected, i.e. all terms must be + satisfied.' items: - description: |- - Defines a set of pods (namely those matching the labelSelector - relative to the given namespace(s)) that this pod should be - co-located (affinity) or not co-located (anti-affinity) with, - where co-located is defined as running on a node whose value of - the label with key matches that of any node on which - a pod of the set of pods is running + description: 'Defines a set of pods (namely those matching + the labelSelector + + relative to the given namespace(s)) that this pod should + be + + co-located (affinity) or not co-located (anti-affinity) + with, + + where co-located is defined as running on a node whose + value of + + the label with key matches that of any node + on which + + a pod of the set of pods is running' properties: labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. + description: 'A label query over a set of resources, + in this case pods. + + If it''s null, this PodAffinityTerm matches with no + Pods.' properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. + description: 'A label selector requirement is + a selector that contains values, a key, and + an operator that + + relates the key and values.' properties: key: description: key is the label key that the selector applies to. type: string operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. + description: 'operator represents a key''s + relationship to a set of values. + + Valid operators are In, NotIn, Exists and + DoesNotExist.' type: string values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. + description: 'values is an array of string + values. If the operator is In or NotIn, + + the values array must be non-empty. If the + operator is Exists or DoesNotExist, + + the values array must be empty. This array + is replaced during a strategic + + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. + description: 'matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + + map is equivalent to an element of matchExpressions, + whose key field is "key", the + + operator is "In", and the values array contains + only "value". The requirements are ANDed.' type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + description: 'MatchLabelKeys is a set of pod label keys + to select which pods will + + be taken into consideration. The keys are used to + lookup values from the + + incoming pod labels, those key-value labels are merged + with `labelSelector` as `key in (value)` + + to select the group of existing pods which pods will + be taken into consideration + + for the incoming pod''s pod (anti) affinity. Keys + that don''t exist in the incoming + pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + + The same key is forbidden to exist in both matchLabelKeys + and labelSelector. + + Also, matchLabelKeys cannot be set when labelSelector + isn''t set. + + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity + feature gate.' items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + description: 'MismatchLabelKeys is a set of pod label + keys to select which pods will + + be taken into consideration. The keys are used to + lookup values from the + + incoming pod labels, those key-value labels are merged + with `labelSelector` as `key notin (value)` + + to select the group of existing pods which pods will + be taken into consideration + + for the incoming pod''s pod (anti) affinity. Keys + that don''t exist in the incoming + pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + + The same key is forbidden to exist in both mismatchLabelKeys + and labelSelector. + + Also, mismatchLabelKeys cannot be set when labelSelector + isn''t set. + + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity + feature gate.' items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field + description: 'A label query over the set of namespaces + that the term applies to. + + The term is applied to the union of the namespaces + selected by this field + and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. + + null selector and null or empty namespaces list means + "this pod''s namespace". + + An empty selector ({}) matches all namespaces.' properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. + description: 'A label selector requirement is + a selector that contains values, a key, and + an operator that + + relates the key and values.' properties: key: description: key is the label key that the selector applies to. type: string operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. + description: 'operator represents a key''s + relationship to a set of values. + + Valid operators are In, NotIn, Exists and + DoesNotExist.' type: string values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. + description: 'values is an array of string + values. If the operator is In or NotIn, + + the values array must be non-empty. If the + operator is Exists or DoesNotExist, + + the values array must be empty. This array + is replaced during a strategic + + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. + description: 'matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + + map is equivalent to an element of matchExpressions, + whose key field is "key", the + + operator is "In", and the values array contains + only "value". The requirements are ANDed.' type: object type: object x-kubernetes-map-type: atomic namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field + description: 'namespaces specifies a static list of + namespace names that the term applies to. + + The term is applied to the union of the namespaces + listed in this field + and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". + + null or empty namespaces list and null namespaceSelector + means "this pod''s namespace".' items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the + description: 'This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + + the labelSelector in the specified namespaces, where + co-located is defined as running on a node + + whose value of the label with key topologyKey matches + that of any node on which any of the + selected pods is running. - Empty topologyKey is not allowed. + + Empty topologyKey is not allowed.' type: string required: - topologyKey type: object type: array + x-kubernetes-list-type: atomic type: object type: object args: - description: |- - Arguments to the entrypoint. - The docker image's CMD is used if this is not provided. - Variable references $(VAR_NAME) are expanded using the container's environment. If a variable - cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax - can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + description: 'Arguments to the entrypoint. + + The docker image''s CMD is used if this is not provided. + + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable + + cannot be resolved, the reference in the input string will be unchanged. + The $(VAR_NAME) syntax + + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, + regardless of whether the variable exists or not. + Cannot be updated. - More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' items: type: string type: array env: - description: |- - List of environment variables to set in the container. - Cannot be updated. + description: 'List of environment variables to set in the container. + + Cannot be updated.' items: description: EnvVar represents an environment variable present in a Container. @@ -7179,16 +8954,28 @@ spec: description: Name of the environment variable. Must be a C_IDENTIFIER. type: string value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + description: 'Variable references $(VAR_NAME) are expanded + + using the previously defined environment variables in the + container and + + any service environment variables. If a variable cannot be + resolved, + + the reference in the input string will be unchanged. Double + $$ are reduced + + to a single $, which allows for escaping the $(VAR_NAME) syntax: + i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable + + Escaped references will never be expanded, regardless of whether + the variable + exists or not. - Defaults to "". + + Defaults to "".' type: string valueFrom: description: Source for the environment variable's value. Cannot @@ -7201,10 +8988,11 @@ spec: description: The key to select. type: string name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, kind, uid?' type: string optional: description: Specify whether the ConfigMap or its key @@ -7215,9 +9003,11 @@ spec: type: object x-kubernetes-map-type: atomic fieldRef: - description: |- - Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + description: 'Selects a field of the pod: supports metadata.name, + metadata.namespace, `metadata.labels['''']`, `metadata.annotations['''']`, + + spec.nodeName, spec.serviceAccountName, status.hostIP, + status.podIP, status.podIPs.' properties: apiVersion: description: Version of the schema the FieldPath is @@ -7232,9 +9022,12 @@ spec: type: object x-kubernetes-map-type: atomic resourceFieldRef: - description: |- - Selects a resource of the container: only resources limits and requests - (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + description: 'Selects a resource of the container: only + resources limits and requests + + (limits.cpu, limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and requests.ephemeral-storage) + are currently supported.' properties: containerName: description: 'Container name: required for volumes, @@ -7263,10 +9056,11 @@ spec: be a valid secret key. type: string name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, kind, uid?' type: string optional: description: Specify whether the Secret or its key must @@ -7282,13 +9076,20 @@ spec: type: object type: array envFrom: - description: |- - List of sources to populate environment variables in the container. - The keys defined within a source must be a C_IDENTIFIER. All invalid keys - will be reported as an event when the container is starting. When a key exists in multiple + description: 'List of sources to populate environment variables in + the container. + + The keys defined within a source must be a C_IDENTIFIER. All invalid + keys + + will be reported as an event when the container is starting. When + a key exists in multiple + sources, the value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will take precedence. - Cannot be updated. + + Cannot be updated.' items: description: EnvFromSource represents the source of a set of ConfigMaps properties: @@ -7296,10 +9097,11 @@ spec: description: The ConfigMap to select from properties: name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, kind, uid?' type: string optional: description: Specify whether the ConfigMap must be defined @@ -7314,10 +9116,11 @@ spec: description: The Secret to select from properties: name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, kind, uid?' type: string optional: description: Specify whether the Secret must be defined @@ -7327,38 +9130,54 @@ spec: type: object type: array image: - description: |- - Docker image name. + description: 'Docker image name. + More info: https://kubernetes.io/docs/concepts/containers/images - This field is optional to allow higher level config management to default or override - container images in workload controllers like Deployments and StatefulSets. + + This field is optional to allow higher level config management to + default or override + + container images in workload controllers like Deployments and StatefulSets.' type: string imagePullPolicy: - description: |- - Image pull policy. + description: 'Image pull policy. + One of Always, Never, IfNotPresent. - Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. + Cannot be updated. - More info: https://kubernetes.io/docs/concepts/containers/images#updating-images + + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' type: string imagePullSecrets: - description: |- - ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. - If specified, these secrets will be passed to individual puller implementations for them to use. For example, + description: 'ImagePullSecrets is an optional list of references to + secrets in the same namespace to use for pulling any of the images + used by this PodSpec. + + If specified, these secrets will be passed to individual puller + implementations for them to use. For example, + in the case of docker, only DockerConfig type secrets are honored. + More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod + Setting ImagePullSecrets will replace any secrets that have been - propagated to a controller Deployment, typically via packagePullSecrets. + + propagated to a controller Deployment, typically via packagePullSecrets.' items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. + description: 'LocalObjectReference contains enough information to + let you locate the + + referenced object inside the same namespace.' properties: name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -7369,106 +9188,195 @@ spec: annotations: additionalProperties: type: string - description: |- - Annotations is an unstructured key value map stored with a resource that may be - set by external tools to store and retrieve arbitrary metadata. They are not + description: 'Annotations is an unstructured key value map stored + with a resource that may be + + set by external tools to store and retrieve arbitrary metadata. + They are not + queryable and should be preserved when modifying objects. - More info: http:https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + + More info: http:https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/' type: object labels: additionalProperties: type: string - description: |- - Map of string keys and values that can be used to organize and + description: 'Map of string keys and values that can be used to + organize and + categorize (scope and select) objects. This will only affect + labels on the pod, not the pod selector. Labels will be merged + with internal labels used by crossplane, and labels with a + crossplane.io key might be overwritten. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/' type: object type: object nodeName: - description: |- - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits resource - requirements. + description: 'NodeName is a request to schedule this pod onto a specific + node. If it is non-empty, + + the scheduler simply schedules this pod onto that node, assuming + that it fits resource + + requirements.' type: string nodeSelector: additionalProperties: type: string - description: |- - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that node. - More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + description: 'NodeSelector is a selector which must be true for the + pod to fit on a node. + + Selector which must match a node''s labels for the pod to be scheduled + on that node. + + More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object podSecurityContext: - description: |- - PodSecurityContext holds pod-level security attributes and common container settings. - Optional: Defaults to empty. See type description for default values of each field. + description: 'PodSecurityContext holds pod-level security attributes + and common container settings. + + Optional: Defaults to empty. See type description for default values + of each field.' properties: + appArmorProfile: + description: 'appArmorProfile is the AppArmor options to use by + the containers in this pod. + + Note that this field cannot be set when spec.os.name is windows.' + properties: + localhostProfile: + description: 'localhostProfile indicates a profile loaded + on the node that should be used. + + The profile must be preconfigured on the node to work. + + Must match the loaded name of the profile. + + Must be set if and only if type is "Localhost".' + type: string + type: + description: "type indicates which kind of AppArmor profile\ + \ will be applied.\nValid options are:\n Localhost - a\ + \ profile pre-loaded on the node.\n RuntimeDefault - the\ + \ container runtime's default profile.\n Unconfined - no\ + \ AppArmor enforcement." + type: string + required: + - type + type: object fsGroup: - description: |- - A special supplemental group that applies to all containers in a pod. - Some volume types allow the Kubelet to change the ownership of that volume + description: 'A special supplemental group that applies to all + containers in a pod. + + Some volume types allow the Kubelet to change the ownership + of that volume + to be owned by the pod: + 1. The owning GID will be the FSGroup - 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) - 3. The permission bits are OR'd with rw-rw---- + + 2. The setgid bit is set (new files created in the volume will + be owned by FSGroup) + + 3. The permission bits are OR''d with rw-rw---- + - If unset, the Kubelet will not modify the ownership and permissions of any volume. - Note that this field cannot be set when spec.os.name is windows. + If unset, the Kubelet will not modify the ownership and permissions + of any volume. + + Note that this field cannot be set when spec.os.name is windows.' format: int64 type: integer fsGroupChangePolicy: - description: |- - fsGroupChangePolicy defines behavior of changing ownership and permission of the volume - before being exposed inside Pod. This field will only apply to + description: 'fsGroupChangePolicy defines behavior of changing + ownership and permission of the volume + + before being exposed inside Pod. This field will only apply + to + volume types which support fsGroup based ownership(and permissions). - It will have no effect on ephemeral volume types such as: secret, configmaps + + It will have no effect on ephemeral volume types such as: secret, + configmaps + and emptydir. - Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. - Note that this field cannot be set when spec.os.name is windows. + + Valid values are "OnRootMismatch" and "Always". If not specified, + "Always" is used. + + Note that this field cannot be set when spec.os.name is windows.' type: string runAsGroup: - description: |- - The GID to run the entrypoint of the container process. + description: 'The GID to run the entrypoint of the container process. + Uses runtime default if unset. - May also be set in SecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence + + May also be set in SecurityContext. If set in both SecurityContext + and + + PodSecurityContext, the value specified in SecurityContext takes + precedence + for that container. - Note that this field cannot be set when spec.os.name is windows. + + Note that this field cannot be set when spec.os.name is windows.' format: int64 type: integer runAsNonRoot: - description: |- - Indicates that the container must run as a non-root user. - If true, the Kubelet will validate the image at runtime to ensure that it - does not run as UID 0 (root) and fail to start the container if it does. + description: 'Indicates that the container must run as a non-root + user. + + If true, the Kubelet will validate the image at runtime to ensure + that it + + does not run as UID 0 (root) and fail to start the container + if it does. + If unset or false, no such validation will be performed. - May also be set in SecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. + + May also be set in SecurityContext. If set in both SecurityContext + and + + PodSecurityContext, the value specified in SecurityContext takes + precedence.' type: boolean runAsUser: - description: |- - The UID to run the entrypoint of the container process. + description: 'The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. - May also be set in SecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence + + May also be set in SecurityContext. If set in both SecurityContext + and + + PodSecurityContext, the value specified in SecurityContext takes + precedence + for that container. - Note that this field cannot be set when spec.os.name is windows. + + Note that this field cannot be set when spec.os.name is windows.' format: int64 type: integer seLinuxOptions: - description: |- - The SELinux context to be applied to all containers. - If unspecified, the container runtime will allocate a random SELinux context for each + description: 'The SELinux context to be applied to all containers. + + If unspecified, the container runtime will allocate a random + SELinux context for each + container. May also be set in SecurityContext. If set in - both SecurityContext and PodSecurityContext, the value specified in SecurityContext + + both SecurityContext and PodSecurityContext, the value specified + in SecurityContext + takes precedence for that container. - Note that this field cannot be set when spec.os.name is windows. + + Note that this field cannot be set when spec.os.name is windows.' properties: level: description: Level is SELinux level label that applies to @@ -7488,48 +9396,73 @@ spec: type: string type: object seccompProfile: - description: |- - The seccomp options to use by the containers in this pod. - Note that this field cannot be set when spec.os.name is windows. + description: 'The seccomp options to use by the containers in + this pod. + + Note that this field cannot be set when spec.os.name is windows.' properties: localhostProfile: - description: |- - localhostProfile indicates a profile defined in a file on the node should be used. + description: 'localhostProfile indicates a profile defined + in a file on the node should be used. + The profile must be preconfigured on the node to work. - Must be a descending path, relative to the kubelet's configured seccomp profile location. - Must be set if type is "Localhost". Must NOT be set for any other type. + + Must be a descending path, relative to the kubelet''s configured + seccomp profile location. + + Must be set if type is "Localhost". Must NOT be set for + any other type.' type: string type: - description: |- - type indicates which kind of seccomp profile will be applied. + description: 'type indicates which kind of seccomp profile + will be applied. + Valid options are: - Localhost - a profile defined in a file on the node should be used. - RuntimeDefault - the container runtime default profile should be used. - Unconfined - no profile should be applied. + + Localhost - a profile defined in a file on the node should + be used. + + RuntimeDefault - the container runtime default profile should + be used. + + Unconfined - no profile should be applied.' type: string required: - type type: object supplementalGroups: - description: |- - A list of groups applied to the first process run in each container, in addition - to the container's primary GID, the fsGroup (if specified), and group memberships - defined in the container image for the uid of the container process. If unspecified, - no additional groups are added to any container. Note that group memberships - defined in the container image for the uid of the container process are still effective, + description: 'A list of groups applied to the first process run + in each container, in addition + + to the container''s primary GID, the fsGroup (if specified), + and group memberships + + defined in the container image for the uid of the container + process. If unspecified, + + no additional groups are added to any container. Note that group + memberships + + defined in the container image for the uid of the container + process are still effective, + even if they are not included in this list. - Note that this field cannot be set when spec.os.name is windows. + + Note that this field cannot be set when spec.os.name is windows.' items: format: int64 type: integer type: array + x-kubernetes-list-type: atomic sysctls: - description: |- - Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported + description: 'Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported + sysctls (by the container runtime) might fail to launch. - Note that this field cannot be set when spec.os.name is windows. + + Note that this field cannot be set when spec.os.name is windows.' items: description: Sysctl defines a kernel parameter to be set properties: @@ -7544,36 +9477,56 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic windowsOptions: - description: |- - The Windows specific settings applied to all containers. - If unspecified, the options within a container's SecurityContext will be used. - If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is linux. + description: 'The Windows specific settings applied to all containers. + + If unspecified, the options within a container''s SecurityContext + will be used. + + If set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence. + + Note that this field cannot be set when spec.os.name is linux.' properties: gmsaCredentialSpec: - description: |- - GMSACredentialSpec is where the GMSA admission webhook - (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the - GMSA credential spec named by the GMSACredentialSpecName field. + description: 'GMSACredentialSpec is where the GMSA admission + webhook + + (https://github.com/kubernetes-sigs/windows-gmsa) inlines + the contents of the + + GMSA credential spec named by the GMSACredentialSpecName + field.' type: string gmsaCredentialSpecName: description: GMSACredentialSpecName is the name of the GMSA credential spec to use. type: string hostProcess: - description: |- - HostProcess determines if a container should be run as a 'Host Process' container. - All of a Pod's containers must have the same effective HostProcess value - (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). - In addition, if HostProcess is true then HostNetwork must also be set to true. + description: 'HostProcess determines if a container should + be run as a ''Host Process'' container. + + All of a Pod''s containers must have the same effective + HostProcess value + + (it is not allowed to have a mix of HostProcess containers + and non-HostProcess containers). + + In addition, if HostProcess is true then HostNetwork must + also be set to true.' type: boolean runAsUserName: - description: |- - The UserName in Windows to run the entrypoint of the container process. + description: 'The UserName in Windows to run the entrypoint + of the container process. + Defaults to the user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. + + May also be set in PodSecurityContext. If set in both SecurityContext + and + + PodSecurityContext, the value specified in SecurityContext + takes precedence.' type: string type: object type: object @@ -7584,81 +9537,109 @@ spec: container. properties: containerPort: - description: |- - Number of port to expose on the pod's IP address. - This must be a valid port number, 0 < x < 65536. + description: 'Number of port to expose on the pod''s IP address. + + This must be a valid port number, 0 < x < 65536.' format: int32 type: integer hostIP: description: What host IP to bind the external port to. type: string hostPort: - description: |- - Number of port to expose on the host. + description: 'Number of port to expose on the host. + If specified, this must be a valid port number, 0 < x < 65536. + If HostNetwork is specified, this must match ContainerPort. - Most containers do not need this. + + Most containers do not need this.' format: int32 type: integer name: - description: |- - If specified, this must be an IANA_SVC_NAME and unique within the pod. Each - named port in a pod must have a unique name. Name for the port that can be - referred to by services. + description: 'If specified, this must be an IANA_SVC_NAME and + unique within the pod. Each + + named port in a pod must have a unique name. Name for the + port that can be + + referred to by services.' type: string protocol: default: TCP - description: |- - Protocol for port. Must be UDP, TCP, or SCTP. - Defaults to "TCP". + description: 'Protocol for port. Must be UDP, TCP, or SCTP. + + Defaults to "TCP".' type: string required: - containerPort type: object type: array priorityClassName: - description: |- - If specified, indicates the pod's priority. "system-node-critical" and - "system-cluster-critical" are two special keywords which indicate the - highest priorities with the former being the highest priority. Any other - name must be defined by creating a PriorityClass object with that name. - If not specified, the pod priority will be default or zero if there is no - default. + description: 'If specified, indicates the pod''s priority. "system-node-critical" + and + + "system-cluster-critical" are two special keywords which indicate + the + + highest priorities with the former being the highest priority. Any + other + + name must be defined by creating a PriorityClass object with that + name. + + If not specified, the pod priority will be default or zero if there + is no + + default.' type: string replicas: - description: |- - Number of desired pods. This is a pointer to distinguish between explicit + description: 'Number of desired pods. This is a pointer to distinguish + between explicit + zero and not specified. Defaults to 1. - Note: If more than 1 replica is set and leader election is not enabled then - controllers could conflict. Environment variable "LEADER_ELECTION" can be - used to enable leader election process. + + Note: If more than 1 replica is set and leader election is not enabled + then + + controllers could conflict. Environment variable "LEADER_ELECTION" + can be + + used to enable leader election process.' format: int32 type: integer resources: - description: |- - Compute Resources required by this container. + description: 'Compute Resources required by this container. + Cannot be updated. - More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ + + More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, + description: 'Claims lists the names of resources, defined in + spec.resourceClaims, + that are used by this container. + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. + + This field is immutable. It can only be set for containers.' items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. + description: 'Name must match the name of one entry in pod.spec.resourceClaims + of + + the Pod where this field is used. It makes that resource + available + + inside a container.' type: string required: - name @@ -7674,9 +9655,10 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + description: 'Limits describes the maximum amount of compute resources + allowed. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -7685,42 +9667,93 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + description: 'Requests describes the minimum amount of compute + resources required. + + If Requests is omitted for a container, it defaults to Limits + if that is explicitly specified, + + otherwise to an implementation-defined value. Requests cannot + exceed Limits. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object runtimeClassName: - description: |- - RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used - to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. - If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an + description: 'RuntimeClassName refers to a RuntimeClass object in + the node.k8s.io group, which should be used + + to run this pod. If no RuntimeClass resource matches the named + class, the pod will not be run. + + If unset or empty, the "legacy" RuntimeClass will be used, which + is an implicit class with an + empty definition that uses the default runtime handler. + More info: https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/585-runtime-class/README.md - This is a beta feature as of Kubernetes v1.14. + + This is a beta feature as of Kubernetes v1.14.' type: string securityContext: - description: |- - SecurityContext holds container-level security attributes and common container settings. - Optional: Defaults to empty. See type description for default values of each field. + description: 'SecurityContext holds container-level security attributes + and common container settings. + + Optional: Defaults to empty. See type description for default values + of each field.' properties: allowPrivilegeEscalation: - description: |- - AllowPrivilegeEscalation controls whether a process can gain more - privileges than its parent process. This bool directly controls if + description: 'AllowPrivilegeEscalation controls whether a process + can gain more + + privileges than its parent process. This bool directly controls + if + the no_new_privs flag will be set on the container process. + AllowPrivilegeEscalation is true always when the container is: + 1) run as Privileged + 2) has CAP_SYS_ADMIN - Note that this field cannot be set when spec.os.name is windows. + + Note that this field cannot be set when spec.os.name is windows.' type: boolean + appArmorProfile: + description: 'appArmorProfile is the AppArmor options to use by + this container. If set, this profile + + overrides the pod''s appArmorProfile. + + Note that this field cannot be set when spec.os.name is windows.' + properties: + localhostProfile: + description: 'localhostProfile indicates a profile loaded + on the node that should be used. + + The profile must be preconfigured on the node to work. + + Must match the loaded name of the profile. + + Must be set if and only if type is "Localhost".' + type: string + type: + description: "type indicates which kind of AppArmor profile\ + \ will be applied.\nValid options are:\n Localhost - a\ + \ profile pre-loaded on the node.\n RuntimeDefault - the\ + \ container runtime's default profile.\n Unconfined - no\ + \ AppArmor enforcement." + type: string + required: + - type + type: object capabilities: - description: |- - The capabilities to add/drop when running containers. - Defaults to the default set of capabilities granted by the container runtime. - Note that this field cannot be set when spec.os.name is windows. + description: 'The capabilities to add/drop when running containers. + + Defaults to the default set of capabilities granted by the container + runtime. + + Note that this field cannot be set when spec.os.name is windows.' properties: add: description: Added capabilities @@ -7728,68 +9761,104 @@ spec: description: Capability represent POSIX capabilities type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: description: Capability represent POSIX capabilities type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: - description: |- - Run container in privileged mode. - Processes in privileged containers are essentially equivalent to root on the host. + description: 'Run container in privileged mode. + + Processes in privileged containers are essentially equivalent + to root on the host. + Defaults to false. - Note that this field cannot be set when spec.os.name is windows. + + Note that this field cannot be set when spec.os.name is windows.' type: boolean procMount: - description: |- - procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + description: 'procMount denotes the type of proc mount to use + for the containers. + + The default is DefaultProcMount which uses the container runtime + defaults for + readonly paths and masked paths. + This requires the ProcMountType feature flag to be enabled. - Note that this field cannot be set when spec.os.name is windows. + + Note that this field cannot be set when spec.os.name is windows.' type: string readOnlyRootFilesystem: - description: |- - Whether this container has a read-only root filesystem. + description: 'Whether this container has a read-only root filesystem. + Default is false. - Note that this field cannot be set when spec.os.name is windows. + + Note that this field cannot be set when spec.os.name is windows.' type: boolean runAsGroup: - description: |- - The GID to run the entrypoint of the container process. + description: 'The GID to run the entrypoint of the container process. + Uses runtime default if unset. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. + + May also be set in PodSecurityContext. If set in both SecurityContext + and + + PodSecurityContext, the value specified in SecurityContext takes + precedence. + + Note that this field cannot be set when spec.os.name is windows.' format: int64 type: integer runAsNonRoot: - description: |- - Indicates that the container must run as a non-root user. - If true, the Kubelet will validate the image at runtime to ensure that it - does not run as UID 0 (root) and fail to start the container if it does. + description: 'Indicates that the container must run as a non-root + user. + + If true, the Kubelet will validate the image at runtime to ensure + that it + + does not run as UID 0 (root) and fail to start the container + if it does. + If unset or false, no such validation will be performed. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. + + May also be set in PodSecurityContext. If set in both SecurityContext + and + + PodSecurityContext, the value specified in SecurityContext takes + precedence.' type: boolean runAsUser: - description: |- - The UID to run the entrypoint of the container process. + description: 'The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. + + May also be set in PodSecurityContext. If set in both SecurityContext + and + + PodSecurityContext, the value specified in SecurityContext takes + precedence. + + Note that this field cannot be set when spec.os.name is windows.' format: int64 type: integer seLinuxOptions: - description: |- - The SELinux context to be applied to the container. - If unspecified, the container runtime will allocate a random SELinux context for each - container. May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. + description: 'The SELinux context to be applied to the container. + + If unspecified, the container runtime will allocate a random + SELinux context for each + + container. May also be set in PodSecurityContext. If set in + both SecurityContext and + + PodSecurityContext, the value specified in SecurityContext takes + precedence. + + Note that this field cannot be set when spec.os.name is windows.' properties: level: description: Level is SELinux level label that applies to @@ -7809,158 +9878,284 @@ spec: type: string type: object seccompProfile: - description: |- - The seccomp options to use by this container. If seccomp options are + description: 'The seccomp options to use by this container. If + seccomp options are + provided at both the pod & container level, the container options + override the pod options. - Note that this field cannot be set when spec.os.name is windows. + + Note that this field cannot be set when spec.os.name is windows.' properties: localhostProfile: - description: |- - localhostProfile indicates a profile defined in a file on the node should be used. + description: 'localhostProfile indicates a profile defined + in a file on the node should be used. + The profile must be preconfigured on the node to work. - Must be a descending path, relative to the kubelet's configured seccomp profile location. - Must be set if type is "Localhost". Must NOT be set for any other type. + + Must be a descending path, relative to the kubelet''s configured + seccomp profile location. + + Must be set if type is "Localhost". Must NOT be set for + any other type.' type: string type: - description: |- - type indicates which kind of seccomp profile will be applied. + description: 'type indicates which kind of seccomp profile + will be applied. + Valid options are: - Localhost - a profile defined in a file on the node should be used. - RuntimeDefault - the container runtime default profile should be used. - Unconfined - no profile should be applied. + + Localhost - a profile defined in a file on the node should + be used. + + RuntimeDefault - the container runtime default profile should + be used. + + Unconfined - no profile should be applied.' type: string required: - type type: object windowsOptions: - description: |- - The Windows specific settings applied to all containers. - If unspecified, the options from the PodSecurityContext will be used. - If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is linux. + description: 'The Windows specific settings applied to all containers. + + If unspecified, the options from the PodSecurityContext will + be used. + + If set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence. + + Note that this field cannot be set when spec.os.name is linux.' properties: gmsaCredentialSpec: - description: |- - GMSACredentialSpec is where the GMSA admission webhook - (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the - GMSA credential spec named by the GMSACredentialSpecName field. + description: 'GMSACredentialSpec is where the GMSA admission + webhook + + (https://github.com/kubernetes-sigs/windows-gmsa) inlines + the contents of the + + GMSA credential spec named by the GMSACredentialSpecName + field.' type: string gmsaCredentialSpecName: description: GMSACredentialSpecName is the name of the GMSA credential spec to use. type: string hostProcess: - description: |- - HostProcess determines if a container should be run as a 'Host Process' container. - All of a Pod's containers must have the same effective HostProcess value - (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). - In addition, if HostProcess is true then HostNetwork must also be set to true. + description: 'HostProcess determines if a container should + be run as a ''Host Process'' container. + + All of a Pod''s containers must have the same effective + HostProcess value + + (it is not allowed to have a mix of HostProcess containers + and non-HostProcess containers). + + In addition, if HostProcess is true then HostNetwork must + also be set to true.' type: boolean runAsUserName: - description: |- - The UserName in Windows to run the entrypoint of the container process. + description: 'The UserName in Windows to run the entrypoint + of the container process. + Defaults to the user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. + + May also be set in PodSecurityContext. If set in both SecurityContext + and + + PodSecurityContext, the value specified in SecurityContext + takes precedence.' type: string type: object type: object serviceAccountName: - description: |- - ServiceAccountName is the name of the ServiceAccount to use to run this pod. + description: 'ServiceAccountName is the name of the ServiceAccount + to use to run this pod. + More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ - If specified, a ServiceAccount named this ServiceAccountName will be used for - the spec.serviceAccountName field in Pods to be created and for the subjects.name field + + If specified, a ServiceAccount named this ServiceAccountName will + be used for + + the spec.serviceAccountName field in Pods to be created and for + the subjects.name field + in a ClusterRoleBinding to be created. - If there is no ServiceAccount named this ServiceAccountName, a new ServiceAccount + + If there is no ServiceAccount named this ServiceAccountName, a new + ServiceAccount + will be created. - If there is a pre-existing ServiceAccount named this ServiceAccountName, the ServiceAccount - will be used. The annotations in the ControllerConfig will be copied to the ServiceAccount + + If there is a pre-existing ServiceAccount named this ServiceAccountName, + the ServiceAccount + + will be used. The annotations in the ControllerConfig will be copied + to the ServiceAccount + and pre-existing annotations will be kept. - Regardless of whether there is a ServiceAccount created by Crossplane or is in place already, - the ServiceAccount will be deleted once the Provider and ControllerConfig are deleted. + + Regardless of whether there is a ServiceAccount created by Crossplane + or is in place already, + + the ServiceAccount will be deleted once the Provider and ControllerConfig + are deleted.' type: string tolerations: description: If specified, the pod's tolerations. items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . + description: 'The pod this Toleration is attached to tolerates any + taint that matches + + the triple using the matching operator .' properties: effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + description: 'Effect indicates the taint effect to match. Empty + means match all taint effects. + + When specified, allowed values are NoSchedule, PreferNoSchedule + and NoExecute.' type: string key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. + description: 'Key is the taint key that the toleration applies + to. Empty means match all taint keys. + + If the key is empty, operator must be Exists; this combination + means to match all values and all keys.' type: string operator: - description: |- - Operator represents a key's relationship to the value. + description: 'Operator represents a key''s relationship to the + value. + Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. + + Exists is equivalent to wildcard for value, so that a pod + can + + tolerate all taints of a particular category.' type: string tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. + description: 'TolerationSeconds represents the period of time + the toleration (which must be + + of effect NoExecute, otherwise this field is ignored) tolerates + the taint. By default, + + it is not set, which means tolerate the taint forever (do + not evict). Zero and + + negative values will be treated as 0 (evict immediately) by + the system.' format: int64 type: integer value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. + description: 'Value is the taint value the toleration matches + to. + + If the operator is Exists, the value should be empty, otherwise + just a regular string.' type: string type: object type: array volumeMounts: - description: |- - List of VolumeMounts to mount into the container's filesystem. - Cannot be updated. + description: 'List of VolumeMounts to mount into the container''s + filesystem. + + Cannot be updated.' items: description: VolumeMount describes a mounting of a Volume within a container. properties: mountPath: - description: |- - Path within the container at which the volume should be mounted. Must - not contain ':'. + description: 'Path within the container at which the volume + should be mounted. Must + + not contain '':''.' type: string mountPropagation: - description: |- - mountPropagation determines how mounts are propagated from the host + description: 'mountPropagation determines how mounts are propagated + from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + + When RecursiveReadOnly is set to IfPossible or to Enabled, + MountPropagation must be None or unspecified + + (which defaults to None).' type: string name: description: This must match the Name of a Volume. type: string readOnly: - description: |- - Mounted read-only if true, read-write otherwise (false or unspecified). - Defaults to false. + description: 'Mounted read-only if true, read-write otherwise + (false or unspecified). + + Defaults to false.' type: boolean + recursiveReadOnly: + description: 'RecursiveReadOnly specifies whether read-only + mounts should be handled + + recursively. + + + + If ReadOnly is false, this field has no meaning and must be + unspecified. + + + + If ReadOnly is true, and this field is set to Disabled, the + mount is not made + + recursively read-only. If this field is set to IfPossible, + the mount is made + + recursively read-only, if it is supported by the container + runtime. If this + + field is set to Enabled, the mount is made recursively read-only + if it is + + supported by the container runtime, otherwise the pod will + not be started and + + an error will be generated to indicate the reason. + + + + If this field is set to IfPossible or Enabled, MountPropagation + must be set to + + None (or be unspecified, which defaults to None). + + + + If this field is not specified, it is treated as an equivalent + of Disabled.' + type: string subPath: - description: |- - Path within the volume from which the container's volume should be mounted. - Defaults to "" (volume's root). + description: 'Path within the volume from which the container''s + volume should be mounted. + + Defaults to "" (volume''s root).' type: string subPathExpr: - description: |- - Expanded path within the volume from which the container's volume should be mounted. - Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. - Defaults to "" (volume's root). - SubPathExpr and SubPath are mutually exclusive. + description: 'Expanded path within the volume from which the + container''s volume should be mounted. + + Behaves similarly to SubPath but environment variable references + $(VAR_NAME) are expanded using the container''s environment. + + Defaults to "" (volume''s root). + + SubPathExpr and SubPath are mutually exclusive.' type: string required: - mountPath @@ -7968,44 +10163,61 @@ spec: type: object type: array volumes: - description: |- - List of volumes that can be mounted by containers belonging to the pod. - More info: https://kubernetes.io/docs/concepts/storage/volumes + description: 'List of volumes that can be mounted by containers belonging + to the pod. + + More info: https://kubernetes.io/docs/concepts/storage/volumes' items: description: Volume represents a named volume in a pod that may be accessed by any container in the pod. properties: awsElasticBlockStore: - description: |- - awsElasticBlockStore represents an AWS Disk resource that is attached to a - kubelet's host machine and then exposed to the pod. - More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + description: 'awsElasticBlockStore represents an AWS Disk resource + that is attached to a + + kubelet''s host machine and then exposed to the pod. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: fsType: - description: |- - fsType is the filesystem type of the volume that you want to mount. - Tip: Ensure that the filesystem type is supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + description: 'fsType is the filesystem type of the volume + that you want to mount. + + Tip: Ensure that the filesystem type is supported by the + host operating system. + + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to + be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem from compromising the machine + + TODO: how do we prevent errors in the filesystem from + compromising the machine' type: string partition: - description: |- - partition is the partition in the volume that you want to mount. + description: 'partition is the partition in the volume that + you want to mount. + If omitted, the default is to mount by volume name. - Examples: For volume /dev/sda1, you specify the partition as "1". - Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + + Examples: For volume /dev/sda1, you specify the partition + as "1". + + Similarly, the volume partition for /dev/sda is "0" (or + you can leave the property empty).' format: int32 type: integer readOnly: - description: |- - readOnly value true will force the readOnly setting in VolumeMounts. - More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + description: 'readOnly value true will force the readOnly + setting in VolumeMounts. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: boolean volumeID: - description: |- - volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). - More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + description: 'volumeID is unique ID of the persistent disk + resource in AWS (Amazon EBS volume). + + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string required: - volumeID @@ -8027,10 +10239,13 @@ spec: storage type: string fsType: - description: |- - fsType is Filesystem type to mount. - Must be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + description: 'fsType is Filesystem type to mount. + + Must be a filesystem type supported by the host operating + system. + + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified.' type: string kind: description: 'kind expected values are Shared: multiple @@ -8039,9 +10254,10 @@ spec: disk (only in managed availability set). defaults to shared' type: string readOnly: - description: |- - readOnly Defaults to false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. + description: 'readOnly Defaults to false (read/write). ReadOnly + here will force + + the ReadOnly setting in VolumeMounts.' type: boolean required: - diskName @@ -8052,9 +10268,10 @@ spec: on the host and bind mount to the pod. properties: readOnly: - description: |- - readOnly defaults to false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. + description: 'readOnly defaults to false (read/write). ReadOnly + here will force + + the ReadOnly setting in VolumeMounts.' type: boolean secretName: description: secretName is the name of secret that contains @@ -8072,83 +10289,100 @@ spec: shares a pod's lifetime properties: monitors: - description: |- - monitors is Required: Monitors is a collection of Ceph monitors - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + description: 'monitors is Required: Monitors is a collection + of Ceph monitors + + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array + x-kubernetes-list-type: atomic path: description: 'path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /' type: string readOnly: - description: |- - readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + description: 'readOnly is Optional: Defaults to false (read/write). + ReadOnly here will force + the ReadOnly setting in VolumeMounts. - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: boolean secretFile: - description: |- - secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + description: 'secretFile is Optional: SecretFile is the + path to key ring for User, default is /etc/ceph/user.secret + + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string secretRef: - description: |- - secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + description: 'secretRef is Optional: SecretRef is reference + to the authentication secret for User, default is empty. + + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' properties: name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: |- - user is optional: User is the rados user name, default is admin - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + description: 'user is optional: User is the rados user name, + default is admin + + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string required: - monitors type: object cinder: - description: |- - cinder represents a cinder volume attached and mounted on kubelets host machine. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md + description: 'cinder represents a cinder volume attached and + mounted on kubelets host machine. + + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' properties: fsType: - description: |- - fsType is the filesystem type to mount. - Must be a filesystem type supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md + description: 'fsType is the filesystem type to mount. + + Must be a filesystem type supported by the host operating + system. + + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to + be "ext4" if unspecified. + + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string readOnly: - description: |- - readOnly defaults to false (read/write). ReadOnly here will force + description: 'readOnly defaults to false (read/write). ReadOnly + here will force + the ReadOnly setting in VolumeMounts. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md + + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: boolean secretRef: - description: |- - secretRef is optional: points to a secret object containing parameters used to connect - to OpenStack. + description: 'secretRef is optional: points to a secret + object containing parameters used to connect + + to OpenStack.' properties: name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeID: - description: |- - volumeID used to identify the volume in cinder. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md + description: 'volumeID used to identify the volume in cinder. + + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string required: - volumeID @@ -8158,25 +10392,47 @@ spec: this volume properties: defaultMode: - description: |- - defaultMode is optional: mode bits used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + description: 'defaultMode is optional: mode bits used to + set permissions on created files by default. + + Must be an octal value between 0000 and 0777 or a decimal + value between 0 and 511. + + YAML accepts both octal and decimal values, JSON requires + decimal values for mode bits. + Defaults to 0644. + Directories within the path are not affected by this setting. - This might be in conflict with other options that affect the file - mode, like fsGroup, and the result can be other mode bits set. + + This might be in conflict with other options that affect + the file + + mode, like fsGroup, and the result can be other mode bits + set.' format: int32 type: integer items: - description: |- - items if unspecified, each key-value pair in the Data field of the referenced - ConfigMap will be projected into the volume as a file whose name is the - key and content is the value. If specified, the listed keys will be - projected into the specified paths, and unlisted keys will not be - present. If a key is specified which is not present in the ConfigMap, - the volume setup will error unless it is marked optional. Paths must be - relative and may not contain the '..' path or start with '..'. + description: 'items if unspecified, each key-value pair + in the Data field of the referenced + + ConfigMap will be projected into the volume as a file + whose name is the + + key and content is the value. If specified, the listed + keys will be + + projected into the specified paths, and unlisted keys + will not be + + present. If a key is specified which is not present in + the ConfigMap, + + the volume setup will error unless it is marked optional. + Paths must be + + relative and may not contain the ''..'' path or start + with ''..''.' items: description: Maps a string key to a path within a volume. properties: @@ -8184,32 +10440,47 @@ spec: description: key is the key to project. type: string mode: - description: |- - mode is Optional: mode bits used to set permissions on this file. - Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - If not specified, the volume defaultMode will be used. - This might be in conflict with other options that affect the file - mode, like fsGroup, and the result can be other mode bits set. + description: 'mode is Optional: mode bits used to + set permissions on this file. + + Must be an octal value between 0000 and 0777 or + a decimal value between 0 and 511. + + YAML accepts both octal and decimal values, JSON + requires decimal values for mode bits. + + If not specified, the volume defaultMode will be + used. + + This might be in conflict with other options that + affect the file + + mode, like fsGroup, and the result can be other + mode bits set.' format: int32 type: integer path: - description: |- - path is the relative path of the file to map the key to. + description: 'path is the relative path of the file + to map the key to. + May not be an absolute path. - May not contain the path element '..'. - May not start with the string '..'. + + May not contain the path element ''..''. + + May not start with the string ''..''.' type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, kind, uid?' type: string optional: description: optional specify whether the ConfigMap or its @@ -8223,43 +10494,58 @@ spec: feature). properties: driver: - description: |- - driver is the name of the CSI driver that handles this volume. - Consult with your admin for the correct name as registered in the cluster. + description: 'driver is the name of the CSI driver that + handles this volume. + + Consult with your admin for the correct name as registered + in the cluster.' type: string fsType: - description: |- - fsType to mount. Ex. "ext4", "xfs", "ntfs". - If not provided, the empty value is passed to the associated CSI driver - which will determine the default filesystem to apply. + description: 'fsType to mount. Ex. "ext4", "xfs", "ntfs". + + If not provided, the empty value is passed to the associated + CSI driver + + which will determine the default filesystem to apply.' type: string nodePublishSecretRef: - description: |- - nodePublishSecretRef is a reference to the secret object containing - sensitive information to pass to the CSI driver to complete the CSI + description: 'nodePublishSecretRef is a reference to the + secret object containing + + sensitive information to pass to the CSI driver to complete + the CSI + NodePublishVolume and NodeUnpublishVolume calls. - This field is optional, and may be empty if no secret is required. If the - secret object contains more than one secret, all secret references are passed. + + This field is optional, and may be empty if no secret + is required. If the + + secret object contains more than one secret, all secret + references are passed.' properties: name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic readOnly: - description: |- - readOnly specifies a read-only configuration for the volume. - Defaults to false (read/write). + description: 'readOnly specifies a read-only configuration + for the volume. + + Defaults to false (read/write).' type: boolean volumeAttributes: additionalProperties: type: string - description: |- - volumeAttributes stores driver-specific properties that are passed to the CSI - driver. Consult your driver's documentation for supported values. + description: 'volumeAttributes stores driver-specific properties + that are passed to the CSI + + driver. Consult your driver''s documentation for supported + values.' type: object required: - driver @@ -8269,15 +10555,27 @@ spec: that should populate this volume properties: defaultMode: - description: |- - Optional: mode bits to use on created files by default. Must be a - Optional: mode bits used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + description: 'Optional: mode bits to use on created files + by default. Must be a + + Optional: mode bits used to set permissions on created + files by default. + + Must be an octal value between 0000 and 0777 or a decimal + value between 0 and 511. + + YAML accepts both octal and decimal values, JSON requires + decimal values for mode bits. + Defaults to 0644. + Directories within the path are not affected by this setting. - This might be in conflict with other options that affect the file - mode, like fsGroup, and the result can be other mode bits set. + + This might be in conflict with other options that affect + the file + + mode, like fsGroup, and the result can be other mode bits + set.' format: int32 type: integer items: @@ -8288,8 +10586,8 @@ spec: properties: fieldRef: description: 'Required: Selects a field of the pod: - only annotations, labels, name and namespace are - supported.' + only annotations, labels, name, namespace and uid + are supported.' properties: apiVersion: description: Version of the schema the FieldPath @@ -8304,13 +10602,23 @@ spec: type: object x-kubernetes-map-type: atomic mode: - description: |- - Optional: mode bits used to set permissions on this file, must be an octal value - between 0000 and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - If not specified, the volume defaultMode will be used. - This might be in conflict with other options that affect the file - mode, like fsGroup, and the result can be other mode bits set. + description: 'Optional: mode bits used to set permissions + on this file, must be an octal value + + between 0000 and 0777 or a decimal value between + 0 and 511. + + YAML accepts both octal and decimal values, JSON + requires decimal values for mode bits. + + If not specified, the volume defaultMode will be + used. + + This might be in conflict with other options that + affect the file + + mode, like fsGroup, and the result can be other + mode bits set.' format: int32 type: integer path: @@ -8321,9 +10629,11 @@ spec: with ''..''' type: string resourceFieldRef: - description: |- - Selects a resource of the container: only resources limits and requests - (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + description: 'Selects a resource of the container: + only resources limits and requests + + (limits.cpu, limits.memory, requests.cpu and requests.memory) + are currently supported.' properties: containerName: description: 'Container name: required for volumes, @@ -8348,96 +10658,128 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic type: object emptyDir: - description: |- - emptyDir represents a temporary directory that shares a pod's lifetime. - More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + description: 'emptyDir represents a temporary directory that + shares a pod''s lifetime. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' properties: medium: - description: |- - medium represents what type of storage medium should back this directory. - The default is "" which means to use the node's default medium. + description: 'medium represents what type of storage medium + should back this directory. + + The default is "" which means to use the node''s default + medium. + Must be an empty string (default) or Memory. - More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: anyOf: - type: integer - type: string - description: |- - sizeLimit is the total amount of local storage required for this EmptyDir volume. + description: 'sizeLimit is the total amount of local storage + required for this EmptyDir volume. + The size limit is also applicable for memory medium. - The maximum usage on memory medium EmptyDir would be the minimum value between - the SizeLimit specified here and the sum of memory limits of all containers in a pod. + + The maximum usage on memory medium EmptyDir would be the + minimum value between + + the SizeLimit specified here and the sum of memory limits + of all containers in a pod. + The default is nil which means that the limit is undefined. - More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: |- - ephemeral represents a volume that is handled by a cluster storage driver. - The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, - and deleted when the pod is removed. + description: "ephemeral represents a volume that is handled\ + \ by a cluster storage driver.\nThe volume's lifecycle is\ + \ tied to the pod that defines it - it will be created before\ + \ the pod starts,\nand deleted when the pod is removed.\n\n\ + \nUse this if:\na) the volume is only needed while the pod\ + \ runs,\nb) features of normal volumes like restoring from\ + \ snapshot or capacity\n tracking are needed,\nc) the storage\ + \ driver is specified through a storage class, and\nd) the\ + \ storage driver supports dynamic volume provisioning through\n\ + \ a PersistentVolumeClaim (see EphemeralVolumeSource for\ + \ more\n information on the connection between this volume\ + \ type\n and PersistentVolumeClaim).\n\n\nUse PersistentVolumeClaim\ + \ or one of the vendor-specific\nAPIs for volumes that persist\ + \ for longer than the lifecycle\nof an individual pod.\n\n\ + \nUse CSI for light-weight local ephemeral volumes if the\ + \ CSI driver is meant to\nbe used that way - see the documentation\ + \ of the driver for\nmore information.\n\n\nA pod can use\ + \ both types of ephemeral volumes and\npersistent volumes\ + \ at the same time." + properties: + volumeClaimTemplate: + description: 'Will be used to create a stand-alone PVC to + provision the volume. + The pod in which this EphemeralVolumeSource is embedded + will be the - Use this if: - a) the volume is only needed while the pod runs, - b) features of normal volumes like restoring from snapshot or capacity - tracking are needed, - c) the storage driver is specified through a storage class, and - d) the storage driver supports dynamic volume provisioning through - a PersistentVolumeClaim (see EphemeralVolumeSource for more - information on the connection between this volume type - and PersistentVolumeClaim). + owner of the PVC, i.e. the PVC will be deleted together + with the + pod. The name of the PVC will be `-` where - Use PersistentVolumeClaim or one of the vendor-specific - APIs for volumes that persist for longer than the lifecycle - of an individual pod. + `` is the name from the `PodSpec.Volumes` + array + entry. Pod validation will reject the pod if the concatenated + name - Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to - be used that way - see the documentation of the driver for - more information. + is not valid for a PVC (for example, too long). - A pod can use both types of ephemeral volumes and - persistent volumes at the same time. - properties: - volumeClaimTemplate: - description: |- - Will be used to create a stand-alone PVC to provision the volume. - The pod in which this EphemeralVolumeSource is embedded will be the - owner of the PVC, i.e. the PVC will be deleted together with the - pod. The name of the PVC will be `-` where - `` is the name from the `PodSpec.Volumes` array - entry. Pod validation will reject the pod if the concatenated name - is not valid for a PVC (for example, too long). + An existing PVC with that name that is not owned by the + pod - An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated + volume by mistake. Starting the pod is then blocked until - the unrelated PVC is removed. If such a pre-created PVC is - meant to be used by the pod, the PVC has to updated with an + + the unrelated PVC is removed. If such a pre-created PVC + is + + meant to be used by the pod, the PVC has to updated with + an + owner reference to the pod once the pod exists. Normally + this should not be necessary, but it may be useful when + manually reconstructing a broken cluster. - This field is read-only and no changes will be made by Kubernetes + + This field is read-only and no changes will be made by + Kubernetes + to the PVC after it has been created. - Required, must not be nil. + + Required, must not be nil.' properties: metadata: - description: |- - May contain labels and annotations that will be copied into the PVC - when creating it. No other fields are allowed and will be rejected during - validation. + description: 'May contain labels and annotations that + will be copied into the PVC + + when creating it. No other fields are allowed and + will be rejected during + + validation.' properties: annotations: additionalProperties: @@ -8457,37 +10799,59 @@ spec: type: string type: object spec: - description: |- - The specification for the PersistentVolumeClaim. The entire content is - copied unchanged into the PVC that gets created from this + description: 'The specification for the PersistentVolumeClaim. + The entire content is + + copied unchanged into the PVC that gets created from + this + template. The same fields as in a PersistentVolumeClaim - are also valid here. + + are also valid here.' properties: accessModes: - description: |- - accessModes contains the desired access modes the volume should have. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + description: 'accessModes contains the desired access + modes the volume should have. + + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array + x-kubernetes-list-type: atomic dataSource: - description: |- - dataSource field can be used to specify either: + description: 'dataSource field can be used to specify + either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller can support the specified data source, - it will create a new volume based on the contents of the specified data source. - When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, - and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. - If the namespace is specified, then dataSourceRef will not be copied to dataSource. - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: + + If the provisioner or an external controller can + support the specified data source, + + it will create a new volume based on the contents + of the specified data source. + + When the AnyVolumeDataSource feature gate is enabled, + dataSource contents will be copied to dataSourceRef, + + and dataSourceRef contents will be copied to dataSource + when dataSourceRef.namespace is not specified. + + If the namespace is specified, then dataSourceRef + will not be copied to dataSource.' + properties: + apiGroup: + description: 'APIGroup is the group for the + resource being referenced. + + If APIGroup is not specified, the specified + Kind must be in the core API group. + + For any other third-party types, APIGroup + is required.' + type: string + kind: description: Kind is the type of resource being referenced type: string @@ -8501,36 +10865,48 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: |- - dataSourceRef specifies the object from which to populate the volume with data, if a non-empty - volume is desired. This may be any object from a non-empty API group (non - core object) or a PersistentVolumeClaim object. - When this field is specified, volume binding will only succeed if the type of - the specified object matches some installed volume populator or dynamic - provisioner. - This field will replace the functionality of the dataSource field and as such - if both fields are non-empty, they must have the same value. For backwards - compatibility, when namespace isn't specified in dataSourceRef, - both fields (dataSource and dataSourceRef) will be set to the same - value automatically if one of them is empty and the other is non-empty. - When namespace is specified in dataSourceRef, - dataSource isn't set to the same value and must be empty. - There are three important differences between dataSource and dataSourceRef: - * While dataSource only allows two specific types of objects, dataSourceRef - allows any non-core object, as well as PersistentVolumeClaim objects. - * While dataSource ignores disallowed values (dropping them), dataSourceRef - preserves all values, and generates an error if a disallowed value is - specified. - * While dataSource only allows local objects, dataSourceRef allows objects - in any namespaces. - (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. - (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + description: "dataSourceRef specifies the object\ + \ from which to populate the volume with data,\ + \ if a non-empty\nvolume is desired. This may\ + \ be any object from a non-empty API group (non\n\ + core object) or a PersistentVolumeClaim object.\n\ + When this field is specified, volume binding will\ + \ only succeed if the type of\nthe specified object\ + \ matches some installed volume populator or dynamic\n\ + provisioner.\nThis field will replace the functionality\ + \ of the dataSource field and as such\nif both\ + \ fields are non-empty, they must have the same\ + \ value. For backwards\ncompatibility, when namespace\ + \ isn't specified in dataSourceRef,\nboth fields\ + \ (dataSource and dataSourceRef) will be set to\ + \ the same\nvalue automatically if one of them\ + \ is empty and the other is non-empty.\nWhen namespace\ + \ is specified in dataSourceRef,\ndataSource isn't\ + \ set to the same value and must be empty.\nThere\ + \ are three important differences between dataSource\ + \ and dataSourceRef:\n* While dataSource only\ + \ allows two specific types of objects, dataSourceRef\n\ + \ allows any non-core object, as well as PersistentVolumeClaim\ + \ objects.\n* While dataSource ignores disallowed\ + \ values (dropping them), dataSourceRef\n preserves\ + \ all values, and generates an error if a disallowed\ + \ value is\n specified.\n* While dataSource only\ + \ allows local objects, dataSourceRef allows objects\n\ + \ in any namespaces.\n(Beta) Using this field\ + \ requires the AnyVolumeDataSource feature gate\ + \ to be enabled.\n(Alpha) Using the namespace\ + \ field of dataSourceRef requires the CrossNamespaceVolumeDataSource\ + \ feature gate to be enabled." properties: apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. + description: 'APIGroup is the group for the + resource being referenced. + + If APIGroup is not specified, the specified + Kind must be in the core API group. + + For any other third-party types, APIGroup + is required.' type: string kind: description: Kind is the type of resource being @@ -8541,22 +10917,35 @@ spec: referenced type: string namespace: - description: |- - Namespace is the namespace of resource being referenced - Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. - (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + description: 'Namespace is the namespace of + resource being referenced + + Note that when a namespace is specified, a + gateway.networking.k8s.io/ReferenceGrant object + is required in the referent namespace to allow + that namespace''s owner to accept the reference. + See the ReferenceGrant documentation for details. + + (Alpha) This field requires the CrossNamespaceVolumeDataSource + feature gate to be enabled.' type: string required: - kind - name type: object resources: - description: |- - resources represents the minimum resources the volume should have. - If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements - that are lower than previous value but must still be higher than capacity recorded in the + description: 'resources represents the minimum resources + the volume should have. + + If RecoverVolumeExpansionFailure feature is enabled + users are allowed to specify resource requirements + + that are lower than previous value but must still + be higher than capacity recorded in the + status field of the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: limits: additionalProperties: @@ -8565,9 +10954,10 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + description: 'Limits describes the maximum amount + of compute resources allowed. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -8576,11 +10966,16 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + description: 'Requests describes the minimum + amount of compute resources required. + + If Requests is omitted for a container, it + defaults to Limits if that is explicitly specified, + + otherwise to an implementation-defined value. + Requests cannot exceed Limits. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: @@ -8592,67 +10987,108 @@ spec: selector requirements. The requirements are ANDed. items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. + description: 'A label selector requirement + is a selector that contains values, a key, + and an operator that + + relates the key and values.' properties: key: description: key is the label key that the selector applies to. type: string operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. + description: 'operator represents a key''s + relationship to a set of values. + + Valid operators are In, NotIn, Exists + and DoesNotExist.' type: string values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. + description: 'values is an array of string + values. If the operator is In or NotIn, + + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + + the values array must be empty. This + array is replaced during a strategic + + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. + description: 'matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + + map is equivalent to an element of matchExpressions, + whose key field is "key", the + + operator is "In", and the values array contains + only "value". The requirements are ANDed.' type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: |- - storageClassName is the name of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + description: 'storageClassName is the name of the + StorageClass required by the claim. + + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeAttributesClassName: - description: |- - volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. - If specified, the CSI driver will create or update the volume with the attributes defined - in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. - If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be - set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + description: 'volumeAttributesClassName may be used + to set the VolumeAttributesClass used by this + claim. + + If specified, the CSI driver will create or update + the volume with the attributes defined + + in the corresponding VolumeAttributesClass. This + has a different purpose than storageClassName, + + it can be changed after the claim is created. + An empty string value means that no VolumeAttributesClass + + will be applied to the claim but it''s not allowed + to reset this field to empty string once it is + set. + + If unspecified and the PersistentVolumeClaim is + unbound, the default VolumeAttributesClass + + will be set by the persistentvolume controller + if it exists. + + If the resource referred to by volumeAttributesClass + does not exist, this PersistentVolumeClaim will + be + + set to a Pending state, as reflected by the modifyVolumeStatus + field, until such as a resource + exists. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass - (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + + (Alpha) Using this field requires the VolumeAttributesClass + feature gate to be enabled.' type: string volumeMode: - description: |- - volumeMode defines what type of volume is required by the claim. - Value of Filesystem is implied when not included in claim spec. + description: 'volumeMode defines what type of volume + is required by the claim. + + Value of Filesystem is implied when not included + in claim spec.' type: string volumeName: description: volumeName is the binding reference @@ -8669,20 +11105,26 @@ spec: pod. properties: fsType: - description: |- - fsType is the filesystem type to mount. - Must be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - TODO: how do we prevent errors in the filesystem from compromising the machine + description: 'fsType is the filesystem type to mount. + + Must be a filesystem type supported by the host operating + system. + + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. + + TODO: how do we prevent errors in the filesystem from + compromising the machine' type: string lun: description: 'lun is Optional: FC target lun number' format: int32 type: integer readOnly: - description: |- - readOnly is Optional: Defaults to false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. + description: 'readOnly is Optional: Defaults to false (read/write). + ReadOnly here will force + + the ReadOnly setting in VolumeMounts.' type: boolean targetWWNs: description: 'targetWWNs is Optional: FC target worldwide @@ -8690,28 +11132,36 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic wwids: - description: |- - wwids Optional: FC volume world wide identifiers (wwids) - Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. + description: 'wwids Optional: FC volume world wide identifiers + (wwids) + + Either wwids or combination of targetWWNs and lun must + be set, but not both simultaneously.' items: type: string type: array + x-kubernetes-list-type: atomic type: object flexVolume: - description: |- - flexVolume represents a generic volume resource that is - provisioned/attached using an exec based plugin. + description: 'flexVolume represents a generic volume resource + that is + + provisioned/attached using an exec based plugin.' properties: driver: description: driver is the name of the driver to use for this volume. type: string fsType: - description: |- - fsType is the filesystem type to mount. - Must be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. + description: 'fsType is the filesystem type to mount. + + Must be a filesystem type supported by the host operating + system. + + Ex. "ext4", "xfs", "ntfs". The default filesystem depends + on FlexVolume script.' type: string options: additionalProperties: @@ -8720,23 +11170,32 @@ spec: command options if any.' type: object readOnly: - description: |- - readOnly is Optional: defaults to false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. + description: 'readOnly is Optional: defaults to false (read/write). + ReadOnly here will force + + the ReadOnly setting in VolumeMounts.' type: boolean secretRef: - description: |- - secretRef is Optional: secretRef is reference to the secret object containing - sensitive information to pass to the plugin scripts. This may be - empty if no secret object is specified. If the secret object - contains more than one secret, all secrets are passed to the plugin - scripts. + description: 'secretRef is Optional: secretRef is reference + to the secret object containing + + sensitive information to pass to the plugin scripts. This + may be + + empty if no secret object is specified. If the secret + object + + contains more than one secret, all secrets are passed + to the plugin + + scripts.' properties: name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -8749,9 +11208,10 @@ spec: service being running properties: datasetName: - description: |- - datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker - should be considered as deprecated + description: 'datasetName is Name of the dataset stored + as metadata -> name on the dataset for Flocker + + should be considered as deprecated' type: string datasetUUID: description: datasetUUID is the UUID of the dataset. This @@ -8759,55 +11219,82 @@ spec: type: string type: object gcePersistentDisk: - description: |- - gcePersistentDisk represents a GCE Disk resource that is attached to a - kubelet's host machine and then exposed to the pod. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + description: 'gcePersistentDisk represents a GCE Disk resource + that is attached to a + + kubelet''s host machine and then exposed to the pod. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' properties: fsType: - description: |- - fsType is filesystem type of the volume that you want to mount. - Tip: Ensure that the filesystem type is supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + description: 'fsType is filesystem type of the volume that + you want to mount. + + Tip: Ensure that the filesystem type is supported by the + host operating system. + + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to + be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem from compromising the machine + + TODO: how do we prevent errors in the filesystem from + compromising the machine' type: string partition: - description: |- - partition is the partition in the volume that you want to mount. + description: 'partition is the partition in the volume that + you want to mount. + If omitted, the default is to mount by volume name. - Examples: For volume /dev/sda1, you specify the partition as "1". - Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + + Examples: For volume /dev/sda1, you specify the partition + as "1". + + Similarly, the volume partition for /dev/sda is "0" (or + you can leave the property empty). + + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' format: int32 type: integer pdName: - description: |- - pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + description: 'pdName is unique name of the PD resource in + GCE. Used to identify the disk in GCE. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string readOnly: - description: |- - readOnly here will force the ReadOnly setting in VolumeMounts. + description: 'readOnly here will force the ReadOnly setting + in VolumeMounts. + Defaults to false. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: boolean required: - pdName type: object gitRepo: - description: |- - gitRepo represents a git repository at a particular revision. - DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an - EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir - into the Pod's container. + description: 'gitRepo represents a git repository at a particular + revision. + + DEPRECATED: GitRepo is deprecated. To provision a container + with a git repo, mount an + + EmptyDir into an InitContainer that clones the repo using + git, then mount the EmptyDir + + into the Pod''s container.' properties: directory: - description: |- - directory is the target directory name. - Must not contain or start with '..'. If '.' is supplied, the volume directory will be the - git repository. Otherwise, if specified, the volume will contain the git repository in - the subdirectory with the given name. + description: 'directory is the target directory name. + + Must not contain or start with ''..''. If ''.'' is supplied, + the volume directory will be the + + git repository. Otherwise, if specified, the volume will + contain the git repository in + + the subdirectory with the given name.' type: string repository: description: repository is the URL @@ -8820,61 +11307,80 @@ spec: - repository type: object glusterfs: - description: |- - glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. - More info: https://examples.k8s.io/volumes/glusterfs/README.md + description: 'glusterfs represents a Glusterfs mount on the + host that shares a pod''s lifetime. + + More info: https://examples.k8s.io/volumes/glusterfs/README.md' properties: endpoints: - description: |- - endpoints is the endpoint name that details Glusterfs topology. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + description: 'endpoints is the endpoint name that details + Glusterfs topology. + + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string path: - description: |- - path is the Glusterfs volume path. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + description: 'path is the Glusterfs volume path. + + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string readOnly: - description: |- - readOnly here will force the Glusterfs volume to be mounted with read-only permissions. + description: 'readOnly here will force the Glusterfs volume + to be mounted with read-only permissions. + Defaults to false. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: boolean required: - endpoints - path type: object hostPath: - description: |- - hostPath represents a pre-existing file or directory on the host - machine that is directly exposed to the container. This is generally - used for system agents or other privileged things that are allowed + description: 'hostPath represents a pre-existing file or directory + on the host + + machine that is directly exposed to the container. This is + generally + + used for system agents or other privileged things that are + allowed + to see the host machine. Most containers will NOT need this. + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- - TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not - mount host directories as read/write. + + TODO(jonesdl) We need to restrict who can use host directory + mounts and who can/can not + + mount host directories as read/write.' properties: path: - description: |- - path of the directory on the host. - If the path is a symlink, it will follow the link to the real path. - More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + description: 'path of the directory on the host. + + If the path is a symlink, it will follow the link to the + real path. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string type: - description: |- - type for HostPath Volume + description: 'type for HostPath Volume + Defaults to "" - More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string required: - path type: object iscsi: - description: |- - iscsi represents an ISCSI Disk resource that is attached to a - kubelet's host machine and then exposed to the pod. - More info: https://examples.k8s.io/volumes/iscsi/README.md + description: 'iscsi represents an ISCSI Disk resource that is + attached to a + + kubelet''s host machine and then exposed to the pod. + + More info: https://examples.k8s.io/volumes/iscsi/README.md' properties: chapAuthDiscovery: description: chapAuthDiscovery defines whether support iSCSI @@ -8885,59 +11391,76 @@ spec: Session CHAP authentication type: boolean fsType: - description: |- - fsType is the filesystem type of the volume that you want to mount. - Tip: Ensure that the filesystem type is supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + description: 'fsType is the filesystem type of the volume + that you want to mount. + + Tip: Ensure that the filesystem type is supported by the + host operating system. + + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to + be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem from compromising the machine + + TODO: how do we prevent errors in the filesystem from + compromising the machine' type: string initiatorName: - description: |- - initiatorName is the custom iSCSI Initiator Name. - If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface - : will be created for the connection. + description: 'initiatorName is the custom iSCSI Initiator + Name. + + If initiatorName is specified with iscsiInterface simultaneously, + new iSCSI interface + + : will be created for the + connection.' type: string iqn: description: iqn is the target iSCSI Qualified Name. type: string iscsiInterface: - description: |- - iscsiInterface is the interface Name that uses an iSCSI transport. - Defaults to 'default' (tcp). + description: 'iscsiInterface is the interface Name that + uses an iSCSI transport. + + Defaults to ''default'' (tcp).' type: string lun: description: lun represents iSCSI Target Lun number. format: int32 type: integer portals: - description: |- - portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port - is other than default (typically TCP ports 860 and 3260). + description: 'portals is the iSCSI Target Portal List. The + portal is either an IP or ip_addr:port if the port + + is other than default (typically TCP ports 860 and 3260).' items: type: string type: array + x-kubernetes-list-type: atomic readOnly: - description: |- - readOnly here will force the ReadOnly setting in VolumeMounts. - Defaults to false. + description: 'readOnly here will force the ReadOnly setting + in VolumeMounts. + + Defaults to false.' type: boolean secretRef: description: secretRef is the CHAP Secret for iSCSI target and initiator authentication properties: name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic targetPortal: - description: |- - targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port - is other than default (typically TCP ports 860 and 3260). + description: 'targetPortal is iSCSI Target Portal. The Portal + is either an IP or ip_addr:port if the port + + is other than default (typically TCP ports 860 and 3260).' type: string required: - iqn @@ -8945,51 +11468,60 @@ spec: - targetPortal type: object name: - description: |- - name of the volume. + description: 'name of the volume. + Must be a DNS_LABEL and unique within the pod. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string nfs: - description: |- - nfs represents an NFS mount on the host that shares a pod's lifetime - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + description: 'nfs represents an NFS mount on the host that shares + a pod''s lifetime + + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' properties: path: - description: |- - path that is exported by the NFS server. - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + description: 'path that is exported by the NFS server. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string readOnly: - description: |- - readOnly here will force the NFS export to be mounted with read-only permissions. + description: 'readOnly here will force the NFS export to + be mounted with read-only permissions. + Defaults to false. - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: boolean server: - description: |- - server is the hostname or IP address of the NFS server. - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + description: 'server is the hostname or IP address of the + NFS server. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string required: - path - server type: object persistentVolumeClaim: - description: |- - persistentVolumeClaimVolumeSource represents a reference to a + description: 'persistentVolumeClaimVolumeSource represents a + reference to a + PersistentVolumeClaim in the same namespace. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: claimName: - description: |- - claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + description: 'claimName is the name of a PersistentVolumeClaim + in the same namespace as the pod using this volume. + + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string readOnly: - description: |- - readOnly Will force the ReadOnly setting in VolumeMounts. - Default false. + description: 'readOnly Will force the ReadOnly setting in + VolumeMounts. + + Default false.' type: boolean required: - claimName @@ -8999,10 +11531,13 @@ spec: persistent disk attached and mounted on kubelets host machine properties: fsType: - description: |- - fsType is the filesystem type to mount. - Must be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + description: 'fsType is the filesystem type to mount. + + Must be a filesystem type supported by the host operating + system. + + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified.' type: string pdID: description: pdID is the ID that identifies Photon Controller @@ -9016,15 +11551,19 @@ spec: and mounted on kubelets host machine properties: fsType: - description: |- - fSType represents the filesystem type to mount - Must be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. + description: 'fSType represents the filesystem type to mount + + Must be a filesystem type supported by the host operating + system. + + Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if + unspecified.' type: string readOnly: - description: |- - readOnly defaults to false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. + description: 'readOnly defaults to false (read/write). ReadOnly + here will force + + the ReadOnly setting in VolumeMounts.' type: boolean volumeID: description: volumeID uniquely identifies a Portworx volume @@ -9037,13 +11576,22 @@ spec: configmaps, and downward API properties: defaultMode: - description: |- - defaultMode are the mode bits used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + description: 'defaultMode are the mode bits used to set + permissions on created files by default. + + Must be an octal value between 0000 and 0777 or a decimal + value between 0 and 511. + + YAML accepts both octal and decimal values, JSON requires + decimal values for mode bits. + Directories within the path are not affected by this setting. - This might be in conflict with other options that affect the file - mode, like fsGroup, and the result can be other mode bits set. + + This might be in conflict with other options that affect + the file + + mode, like fsGroup, and the result can be other mode bits + set.' format: int32 type: integer sources: @@ -9053,95 +11601,143 @@ spec: other supported volume types properties: clusterTrustBundle: - description: |- - ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field - of ClusterTrustBundle objects in an auto-updating file. + description: 'ClusterTrustBundle allows a pod to access + the `.spec.trustBundle` field + + of ClusterTrustBundle objects in an auto-updating + file. - Alpha, gated by the ClusterTrustBundleProjection feature gate. + Alpha, gated by the ClusterTrustBundleProjection + feature gate. + + + + ClusterTrustBundle objects can either be selected + by name, or by the - ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. - Kubelet performs aggressive normalization of the PEM contents written - into the pod filesystem. Esoteric PEM features such as inter-block - comments and block headers are stripped. Certificates are deduplicated. - The ordering of certificates within the file is arbitrary, and Kubelet - may change the order over time. + + Kubelet performs aggressive normalization of the + PEM contents written + + into the pod filesystem. Esoteric PEM features + such as inter-block + + comments and block headers are stripped. Certificates + are deduplicated. + + The ordering of certificates within the file is + arbitrary, and Kubelet + + may change the order over time.' properties: labelSelector: - description: |- - Select all ClusterTrustBundles that match this label selector. Only has - effect if signerName is set. Mutually-exclusive with name. If unset, - interpreted as "match nothing". If set but empty, interpreted as "match - everything". + description: 'Select all ClusterTrustBundles that + match this label selector. Only has + + effect if signerName is set. Mutually-exclusive + with name. If unset, + + interpreted as "match nothing". If set but + empty, interpreted as "match + + everything".' properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. + description: 'A label selector requirement + is a selector that contains values, a + key, and an operator that + + relates the key and values.' properties: key: description: key is the label key that the selector applies to. type: string operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. + description: 'operator represents a + key''s relationship to a set of values. + + Valid operators are In, NotIn, Exists + and DoesNotExist.' type: string values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. + description: 'values is an array of + string values. If the operator is + In or NotIn, + + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + + the values array must be empty. This + array is replaced during a strategic + + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. + description: 'matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + + map is equivalent to an element of matchExpressions, + whose key field is "key", the + + operator is "In", and the values array contains + only "value". The requirements are ANDed.' type: object type: object x-kubernetes-map-type: atomic name: - description: |- - Select a single ClusterTrustBundle by object name. Mutually-exclusive - with signerName and labelSelector. + description: 'Select a single ClusterTrustBundle + by object name. Mutually-exclusive + + with signerName and labelSelector.' type: string optional: - description: |- - If true, don't block pod startup if the referenced ClusterTrustBundle(s) - aren't available. If using name, then the named ClusterTrustBundle is - allowed not to exist. If using signerName, then the combination of - signerName and labelSelector is allowed to match zero - ClusterTrustBundles. + description: 'If true, don''t block pod startup + if the referenced ClusterTrustBundle(s) + + aren''t available. If using name, then the + named ClusterTrustBundle is + + allowed not to exist. If using signerName, + then the combination of + + signerName and labelSelector is allowed to match + zero + + ClusterTrustBundles.' type: boolean path: description: Relative path from the volume root to write the bundle. type: string signerName: - description: |- - Select all ClusterTrustBundles that match this signer name. - Mutually-exclusive with name. The contents of all selected - ClusterTrustBundles will be unified and deduplicated. + description: 'Select all ClusterTrustBundles that + match this signer name. + + Mutually-exclusive with name. The contents + of all selected + + ClusterTrustBundles will be unified and deduplicated.' type: string required: - path @@ -9151,14 +11747,26 @@ spec: data to project properties: items: - description: |- - items if unspecified, each key-value pair in the Data field of the referenced - ConfigMap will be projected into the volume as a file whose name is the - key and content is the value. If specified, the listed keys will be - projected into the specified paths, and unlisted keys will not be - present. If a key is specified which is not present in the ConfigMap, - the volume setup will error unless it is marked optional. Paths must be - relative and may not contain the '..' path or start with '..'. + description: 'items if unspecified, each key-value + pair in the Data field of the referenced + + ConfigMap will be projected into the volume + as a file whose name is the + + key and content is the value. If specified, + the listed keys will be + + projected into the specified paths, and unlisted + keys will not be + + present. If a key is specified which is not + present in the ConfigMap, + + the volume setup will error unless it is marked + optional. Paths must be + + relative and may not contain the ''..'' path + or start with ''..''.' items: description: Maps a string key to a path within a volume. @@ -9167,32 +11775,50 @@ spec: description: key is the key to project. type: string mode: - description: |- - mode is Optional: mode bits used to set permissions on this file. - Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - If not specified, the volume defaultMode will be used. - This might be in conflict with other options that affect the file - mode, like fsGroup, and the result can be other mode bits set. + description: 'mode is Optional: mode bits + used to set permissions on this file. + + Must be an octal value between 0000 and + 0777 or a decimal value between 0 and + 511. + + YAML accepts both octal and decimal values, + JSON requires decimal values for mode + bits. + + If not specified, the volume defaultMode + will be used. + + This might be in conflict with other options + that affect the file + + mode, like fsGroup, and the result can + be other mode bits set.' format: int32 type: integer path: - description: |- - path is the relative path of the file to map the key to. + description: 'path is the relative path + of the file to map the key to. + May not be an absolute path. - May not contain the path element '..'. - May not start with the string '..'. + + May not contain the path element ''..''. + + May not start with the string ''..''.' type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, kind, + uid?' type: string optional: description: optional specify whether the ConfigMap @@ -9215,7 +11841,7 @@ spec: fieldRef: description: 'Required: Selects a field of the pod: only annotations, labels, - name and namespace are supported.' + name, namespace and uid are supported.' properties: apiVersion: description: Version of the schema the @@ -9231,13 +11857,25 @@ spec: type: object x-kubernetes-map-type: atomic mode: - description: |- - Optional: mode bits used to set permissions on this file, must be an octal value - between 0000 and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - If not specified, the volume defaultMode will be used. - This might be in conflict with other options that affect the file - mode, like fsGroup, and the result can be other mode bits set. + description: 'Optional: mode bits used to + set permissions on this file, must be + an octal value + + between 0000 and 0777 or a decimal value + between 0 and 511. + + YAML accepts both octal and decimal values, + JSON requires decimal values for mode + bits. + + If not specified, the volume defaultMode + will be used. + + This might be in conflict with other options + that affect the file + + mode, like fsGroup, and the result can + be other mode bits set.' format: int32 type: integer path: @@ -9249,9 +11887,11 @@ spec: with ''..''' type: string resourceFieldRef: - description: |- - Selects a resource of the container: only resources limits and requests - (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + description: 'Selects a resource of the + container: only resources limits and requests + + (limits.cpu, limits.memory, requests.cpu + and requests.memory) are currently supported.' properties: containerName: description: 'Container name: required @@ -9278,20 +11918,33 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic type: object secret: description: secret information about the secret data to project properties: items: - description: |- - items if unspecified, each key-value pair in the Data field of the referenced - Secret will be projected into the volume as a file whose name is the - key and content is the value. If specified, the listed keys will be - projected into the specified paths, and unlisted keys will not be - present. If a key is specified which is not present in the Secret, - the volume setup will error unless it is marked optional. Paths must be - relative and may not contain the '..' path or start with '..'. + description: 'items if unspecified, each key-value + pair in the Data field of the referenced + + Secret will be projected into the volume as + a file whose name is the + + key and content is the value. If specified, + the listed keys will be + + projected into the specified paths, and unlisted + keys will not be + + present. If a key is specified which is not + present in the Secret, + + the volume setup will error unless it is marked + optional. Paths must be + + relative and may not contain the ''..'' path + or start with ''..''.' items: description: Maps a string key to a path within a volume. @@ -9300,32 +11953,50 @@ spec: description: key is the key to project. type: string mode: - description: |- - mode is Optional: mode bits used to set permissions on this file. - Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - If not specified, the volume defaultMode will be used. - This might be in conflict with other options that affect the file - mode, like fsGroup, and the result can be other mode bits set. + description: 'mode is Optional: mode bits + used to set permissions on this file. + + Must be an octal value between 0000 and + 0777 or a decimal value between 0 and + 511. + + YAML accepts both octal and decimal values, + JSON requires decimal values for mode + bits. + + If not specified, the volume defaultMode + will be used. + + This might be in conflict with other options + that affect the file + + mode, like fsGroup, and the result can + be other mode bits set.' format: int32 type: integer path: - description: |- - path is the relative path of the file to map the key to. + description: 'path is the relative path + of the file to map the key to. + May not be an absolute path. - May not contain the path element '..'. - May not start with the string '..'. + + May not contain the path element ''..''. + + May not start with the string ''..''.' type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, kind, + uid?' type: string optional: description: optional field specify whether the @@ -9338,62 +12009,84 @@ spec: the serviceAccountToken data to project properties: audience: - description: |- - audience is the intended audience of the token. A recipient of a token - must identify itself with an identifier specified in the audience of the - token, and otherwise should reject the token. The audience defaults to the - identifier of the apiserver. + description: 'audience is the intended audience + of the token. A recipient of a token + + must identify itself with an identifier specified + in the audience of the + + token, and otherwise should reject the token. + The audience defaults to the + + identifier of the apiserver.' type: string expirationSeconds: - description: |- - expirationSeconds is the requested duration of validity of the service - account token. As the token approaches expiration, the kubelet volume - plugin will proactively rotate the service account token. The kubelet will - start trying to rotate the token if the token is older than 80 percent of - its time to live or if the token is older than 24 hours.Defaults to 1 hour - and must be at least 10 minutes. + description: 'expirationSeconds is the requested + duration of validity of the service + + account token. As the token approaches expiration, + the kubelet volume + + plugin will proactively rotate the service account + token. The kubelet will + + start trying to rotate the token if the token + is older than 80 percent of + + its time to live or if the token is older than + 24 hours.Defaults to 1 hour + + and must be at least 10 minutes.' format: int64 type: integer path: - description: |- - path is the path relative to the mount point of the file to project the - token into. + description: 'path is the path relative to the + mount point of the file to project the + + token into.' type: string required: - path type: object type: object type: array + x-kubernetes-list-type: atomic type: object quobyte: description: quobyte represents a Quobyte mount on the host that shares a pod's lifetime properties: group: - description: |- - group to map volume access to - Default is no group + description: 'group to map volume access to + + Default is no group' type: string readOnly: - description: |- - readOnly here will force the Quobyte volume to be mounted with read-only permissions. - Defaults to false. + description: 'readOnly here will force the Quobyte volume + to be mounted with read-only permissions. + + Defaults to false.' type: boolean registry: - description: |- - registry represents a single or multiple Quobyte Registry services - specified as a string as host:port pair (multiple entries are separated with commas) - which acts as the central registry for volumes + description: 'registry represents a single or multiple Quobyte + Registry services + + specified as a string as host:port pair (multiple entries + are separated with commas) + + which acts as the central registry for volumes' type: string tenant: - description: |- - tenant owning the given Quobyte volume in the Backend - Used with dynamically provisioned Quobyte volumes, value is set by the plugin + description: 'tenant owning the given Quobyte volume in + the Backend + + Used with dynamically provisioned Quobyte volumes, value + is set by the plugin' type: string user: - description: |- - user to map volume access to - Defaults to serivceaccount user + description: 'user to map volume access to + + Defaults to serivceaccount user' type: string volume: description: volume is a string that references an already @@ -9404,68 +12097,86 @@ spec: - volume type: object rbd: - description: |- - rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. - More info: https://examples.k8s.io/volumes/rbd/README.md + description: 'rbd represents a Rados Block Device mount on the + host that shares a pod''s lifetime. + + More info: https://examples.k8s.io/volumes/rbd/README.md' properties: fsType: - description: |- - fsType is the filesystem type of the volume that you want to mount. - Tip: Ensure that the filesystem type is supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + description: 'fsType is the filesystem type of the volume + that you want to mount. + + Tip: Ensure that the filesystem type is supported by the + host operating system. + + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to + be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem from compromising the machine + + TODO: how do we prevent errors in the filesystem from + compromising the machine' type: string image: - description: |- - image is the rados image name. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + description: 'image is the rados image name. + + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string keyring: - description: |- - keyring is the path to key ring for RBDUser. + description: 'keyring is the path to key ring for RBDUser. + Default is /etc/ceph/keyring. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string monitors: - description: |- - monitors is a collection of Ceph monitors. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + description: 'monitors is a collection of Ceph monitors. + + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' items: type: string type: array + x-kubernetes-list-type: atomic pool: - description: |- - pool is the rados pool name. + description: 'pool is the rados pool name. + Default is rbd. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string readOnly: - description: |- - readOnly here will force the ReadOnly setting in VolumeMounts. + description: 'readOnly here will force the ReadOnly setting + in VolumeMounts. + Defaults to false. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: boolean secretRef: - description: |- - secretRef is name of the authentication secret for RBDUser. If provided + description: 'secretRef is name of the authentication secret + for RBDUser. If provided + overrides keyring. + Default is nil. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: |- - user is the rados user name. + description: 'user is the rados user name. + Default is admin. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string required: - image @@ -9476,11 +12187,14 @@ spec: attached and mounted on Kubernetes nodes. properties: fsType: - description: |- - fsType is the filesystem type to mount. - Must be a filesystem type supported by the host operating system. + description: 'fsType is the filesystem type to mount. + + Must be a filesystem type supported by the host operating + system. + Ex. "ext4", "xfs", "ntfs". - Default is "xfs". + + Default is "xfs".' type: string gateway: description: gateway is the host address of the ScaleIO @@ -9491,20 +12205,24 @@ spec: Protection Domain for the configured storage. type: string readOnly: - description: |- - readOnly Defaults to false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. + description: 'readOnly Defaults to false (read/write). ReadOnly + here will force + + the ReadOnly setting in VolumeMounts.' type: boolean secretRef: - description: |- - secretRef references to the secret for ScaleIO user and other - sensitive information. If this is not provided, Login operation will fail. + description: 'secretRef references to the secret for ScaleIO + user and other + + sensitive information. If this is not provided, Login + operation will fail.' properties: name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -9513,9 +12231,10 @@ spec: with Gateway, default false type: boolean storageMode: - description: |- - storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. - Default is ThinProvisioned. + description: 'storageMode indicates whether the storage + for a volume should be ThickProvisioned or ThinProvisioned. + + Default is ThinProvisioned.' type: string storagePool: description: storagePool is the ScaleIO Storage Pool associated @@ -9526,9 +12245,10 @@ spec: configured in ScaleIO. type: string volumeName: - description: |- - volumeName is the name of a volume already created in the ScaleIO system - that is associated with this volume source. + description: 'volumeName is the name of a volume already + created in the ScaleIO system + + that is associated with this volume source.' type: string required: - gateway @@ -9536,30 +12256,53 @@ spec: - system type: object secret: - description: |- - secret represents a secret that should populate this volume. - More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + description: 'secret represents a secret that should populate + this volume. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' properties: defaultMode: - description: |- - defaultMode is Optional: mode bits used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, JSON requires decimal values + description: 'defaultMode is Optional: mode bits used to + set permissions on created files by default. + + Must be an octal value between 0000 and 0777 or a decimal + value between 0 and 511. + + YAML accepts both octal and decimal values, JSON requires + decimal values + for mode bits. Defaults to 0644. + Directories within the path are not affected by this setting. - This might be in conflict with other options that affect the file - mode, like fsGroup, and the result can be other mode bits set. - format: int32 + + This might be in conflict with other options that affect + the file + + mode, like fsGroup, and the result can be other mode bits + set.' + format: int32 type: integer items: - description: |- - items If unspecified, each key-value pair in the Data field of the referenced - Secret will be projected into the volume as a file whose name is the - key and content is the value. If specified, the listed keys will be - projected into the specified paths, and unlisted keys will not be - present. If a key is specified which is not present in the Secret, - the volume setup will error unless it is marked optional. Paths must be - relative and may not contain the '..' path or start with '..'. + description: 'items If unspecified, each key-value pair + in the Data field of the referenced + + Secret will be projected into the volume as a file whose + name is the + + key and content is the value. If specified, the listed + keys will be + + projected into the specified paths, and unlisted keys + will not be + + present. If a key is specified which is not present in + the Secret, + + the volume setup will error unless it is marked optional. + Paths must be + + relative and may not contain the ''..'' path or start + with ''..''.' items: description: Maps a string key to a path within a volume. properties: @@ -9567,35 +12310,50 @@ spec: description: key is the key to project. type: string mode: - description: |- - mode is Optional: mode bits used to set permissions on this file. - Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - If not specified, the volume defaultMode will be used. - This might be in conflict with other options that affect the file - mode, like fsGroup, and the result can be other mode bits set. + description: 'mode is Optional: mode bits used to + set permissions on this file. + + Must be an octal value between 0000 and 0777 or + a decimal value between 0 and 511. + + YAML accepts both octal and decimal values, JSON + requires decimal values for mode bits. + + If not specified, the volume defaultMode will be + used. + + This might be in conflict with other options that + affect the file + + mode, like fsGroup, and the result can be other + mode bits set.' format: int32 type: integer path: - description: |- - path is the relative path of the file to map the key to. + description: 'path is the relative path of the file + to map the key to. + May not be an absolute path. - May not contain the path element '..'. - May not start with the string '..'. + + May not contain the path element ''..''. + + May not start with the string ''..''.' type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic optional: description: optional field specify whether the Secret or its keys must be defined type: boolean secretName: - description: |- - secretName is the name of the secret in the pod's namespace to use. - More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + description: 'secretName is the name of the secret in the + pod''s namespace to use. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' type: string type: object storageos: @@ -9603,42 +12361,59 @@ spec: and mounted on Kubernetes nodes. properties: fsType: - description: |- - fsType is the filesystem type to mount. - Must be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + description: 'fsType is the filesystem type to mount. + + Must be a filesystem type supported by the host operating + system. + + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified.' type: string readOnly: - description: |- - readOnly defaults to false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. + description: 'readOnly defaults to false (read/write). ReadOnly + here will force + + the ReadOnly setting in VolumeMounts.' type: boolean secretRef: - description: |- - secretRef specifies the secret to use for obtaining the StorageOS API - credentials. If not specified, default values will be attempted. + description: 'secretRef specifies the secret to use for + obtaining the StorageOS API + + credentials. If not specified, default values will be + attempted.' properties: name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeName: - description: |- - volumeName is the human-readable name of the StorageOS volume. Volume - names are only unique within a namespace. + description: 'volumeName is the human-readable name of the + StorageOS volume. Volume + + names are only unique within a namespace.' type: string volumeNamespace: - description: |- - volumeNamespace specifies the scope of the volume within StorageOS. If no - namespace is specified then the Pod's namespace will be used. This allows the - Kubernetes name scoping to be mirrored within StorageOS for tighter integration. + description: 'volumeNamespace specifies the scope of the + volume within StorageOS. If no + + namespace is specified then the Pod''s namespace will + be used. This allows the + + Kubernetes name scoping to be mirrored within StorageOS + for tighter integration. + Set VolumeName to any name to override the default behaviour. - Set to "default" if you are not using namespaces within StorageOS. - Namespaces that do not pre-exist within StorageOS will be created. + + Set to "default" if you are not using namespaces within + StorageOS. + + Namespaces that do not pre-exist within StorageOS will + be created.' type: string type: object vsphereVolume: @@ -9646,10 +12421,13 @@ spec: and mounted on kubelets host machine properties: fsType: - description: |- - fsType is filesystem type to mount. - Must be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + description: 'fsType is filesystem type to mount. + + Must be a filesystem type supported by the host operating + system. + + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified.' type: string storagePolicyID: description: storagePolicyID is the storage Policy Based @@ -9675,14 +12453,39 @@ spec: served: true storage: true subresources: {} +status: + acceptedNames: + kind: ControllerConfig + listKind: ControllerConfigList + plural: controllerconfigs + singular: controllerconfig + conditions: + - lastTransitionTime: '2024-09-06T23:42:00Z' + message: no conflicts found + reason: NoConflicts + status: 'True' + type: NamesAccepted + - lastTransitionTime: '2024-09-06T23:42:00Z' + message: the initial names have been accepted + reason: InitialNamesAccepted + status: 'True' + type: Established + storedVersions: + - v1alpha1 --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.14.0 + creationTimestamp: '2024-09-06T23:42:00Z' + generation: 1 name: deploymentruntimeconfigs.pkg.crossplane.io + resourceVersion: '573' + uid: 504f7443-b638-43b1-904b-36c3f69f6ed4 spec: + conversion: + strategy: None group: pkg.crossplane.io names: categories: @@ -9700,36 +12503,50 @@ spec: name: v1beta1 schema: openAPIV3Schema: - description: |- - The DeploymentRuntimeConfig provides settings for the Kubernetes Deployment + description: 'The DeploymentRuntimeConfig provides settings for the Kubernetes + Deployment + of a Provider or composition function package. + Read the Crossplane documentation for - [more information about DeploymentRuntimeConfigs](https://docs.crossplane.io/latest/concepts/providers/#runtime-configuration). + + [more information about DeploymentRuntimeConfigs](https://docs.crossplane.io/latest/concepts/providers/#runtime-configuration).' properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and + description: 'APIVersion defines the versioned schema of this representation + of an object. + + Servers should convert recognized schemas to the latest internal value, + and + may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. + description: 'Kind is a string value representing the REST resource this + object represents. + + Servers may infer this from the endpoint the client submits requests + to. + Cannot be updated. + In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: |- - DeploymentRuntimeConfigSpec specifies the configuration for a packaged controller. + description: 'DeploymentRuntimeConfigSpec specifies the configuration + for a packaged controller. + Values provided will override package manager defaults. Labels and - annotations are passed to both the controller Deployment and ServiceAccount. + + annotations are passed to both the controller Deployment and ServiceAccount.' properties: deploymentTemplate: description: DeploymentTemplate is the template for the Deployment @@ -9742,21 +12559,32 @@ spec: annotations: additionalProperties: type: string - description: |- - Annotations is an unstructured key value map stored with a resource that - may be set by external tools to store and retrieve arbitrary metadata. - They are not queryable and should be preserved when modifying objects. - More info: http:https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + description: 'Annotations is an unstructured key value map + stored with a resource that + + may be set by external tools to store and retrieve arbitrary + metadata. + + They are not queryable and should be preserved when modifying + objects. + + More info: http:https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/' type: object labels: additionalProperties: type: string - description: |- - Map of string keys and values that can be used to organize and categorize - (scope and select) objects. Labels will be merged with internal labels - used by crossplane, and labels with a crossplane.io key might be + description: 'Map of string keys and values that can be used + to organize and categorize + + (scope and select) objects. Labels will be merged with internal + labels + + used by crossplane, and labels with a crossplane.io key + might be + overwritten. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/' type: object name: description: Name is the name of the object. @@ -9767,81 +12595,111 @@ spec: Deployment object. properties: minReadySeconds: - description: |- - Minimum number of seconds for which a newly created pod should be ready - without any of its container crashing, for it to be considered available. - Defaults to 0 (pod will be considered available as soon as it is ready) + description: 'Minimum number of seconds for which a newly + created pod should be ready + + without any of its container crashing, for it to be considered + available. + + Defaults to 0 (pod will be considered available as soon + as it is ready)' format: int32 type: integer paused: description: Indicates that the deployment is paused. type: boolean progressDeadlineSeconds: - description: |- - The maximum time in seconds for a deployment to make progress before it - is considered to be failed. The deployment controller will continue to + description: 'The maximum time in seconds for a deployment + to make progress before it + + is considered to be failed. The deployment controller will + continue to + process failed deployments and a condition with a ProgressDeadlineExceeded - reason will be surfaced in the deployment status. Note that progress will - not be estimated during the time a deployment is paused. Defaults to 600s. + + reason will be surfaced in the deployment status. Note that + progress will + + not be estimated during the time a deployment is paused. + Defaults to 600s.' format: int32 type: integer replicas: - description: |- - Number of desired pods. This is a pointer to distinguish between explicit - zero and not specified. Defaults to 1. + description: 'Number of desired pods. This is a pointer to + distinguish between explicit + + zero and not specified. Defaults to 1.' format: int32 type: integer revisionHistoryLimit: - description: |- - The number of old ReplicaSets to retain to allow rollback. - This is a pointer to distinguish between explicit zero and not specified. - Defaults to 10. + description: 'The number of old ReplicaSets to retain to allow + rollback. + + This is a pointer to distinguish between explicit zero and + not specified. + + Defaults to 10.' format: int32 type: integer selector: - description: |- - Label selector for pods. Existing ReplicaSets whose pods are + description: 'Label selector for pods. Existing ReplicaSets + whose pods are + selected by this will be the ones affected by this deployment. - It must match the pod template's labels. + + It must match the pod template''s labels.' properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. + description: 'A label selector requirement is a selector + that contains values, a key, and an operator that + + relates the key and values.' properties: key: description: key is the label key that the selector applies to. type: string operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. + description: 'operator represents a key''s relationship + to a set of values. + + Valid operators are In, NotIn, Exists and DoesNotExist.' type: string values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. + description: 'values is an array of string values. + If the operator is In or NotIn, + + the values array must be non-empty. If the operator + is Exists or DoesNotExist, + + the values array must be empty. This array is + replaced during a strategic + + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. + description: 'matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels + + map is equivalent to an element of matchExpressions, + whose key field is "key", the + + operator is "In", and the values array contains only + "value". The requirements are ANDed.' type: object type: object x-kubernetes-map-type: atomic @@ -9850,45 +12708,81 @@ spec: pods with new ones. properties: rollingUpdate: - description: |- - Rolling update config params. Present only if DeploymentStrategyType = + description: 'Rolling update config params. Present only + if DeploymentStrategyType = + RollingUpdate. + --- - TODO: Update this to follow our convention for oneOf, whatever we decide it - to be. + + TODO: Update this to follow our convention for oneOf, + whatever we decide it + + to be.' properties: maxSurge: anyOf: - type: integer - type: string - description: |- - The maximum number of pods that can be scheduled above the desired number of + description: 'The maximum number of pods that can + be scheduled above the desired number of + pods. - Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + + Value can be an absolute number (ex: 5) or a percentage + of desired pods (ex: 10%). + This can not be 0 if MaxUnavailable is 0. - Absolute number is calculated from percentage by rounding up. + + Absolute number is calculated from percentage by + rounding up. + Defaults to 25%. - Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when - the rolling update starts, such that the total number of old and new pods do not exceed + + Example: when this is set to 30%, the new ReplicaSet + can be scaled up immediately when + + the rolling update starts, such that the total number + of old and new pods do not exceed + 130% of desired pods. Once old pods have been killed, - new ReplicaSet can be scaled up further, ensuring that total number of pods running - at any time during the update is at most 130% of desired pods. + + new ReplicaSet can be scaled up further, ensuring + that total number of pods running + + at any time during the update is at most 130% of + desired pods.' x-kubernetes-int-or-string: true maxUnavailable: anyOf: - type: integer - type: string - description: |- - The maximum number of pods that can be unavailable during the update. - Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). - Absolute number is calculated from percentage by rounding down. + description: 'The maximum number of pods that can + be unavailable during the update. + + Value can be an absolute number (ex: 5) or a percentage + of desired pods (ex: 10%). + + Absolute number is calculated from percentage by + rounding down. + This can not be 0 if MaxSurge is 0. + Defaults to 25%. - Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods - immediately when the rolling update starts. Once new pods are ready, old ReplicaSet - can be scaled down further, followed by scaling up the new ReplicaSet, ensuring - that the total number of pods available at all times during the update is at - least 70% of desired pods. + + Example: when this is set to 30%, the old ReplicaSet + can be scaled down to 70% of desired pods + + immediately when the rolling update starts. Once + new pods are ready, old ReplicaSet + + can be scaled down further, followed by scaling + up the new ReplicaSet, ensuring + + that the total number of pods available at all times + during the update is at + + least 70% of desired pods.' x-kubernetes-int-or-string: true type: object type: @@ -9897,14 +12791,14 @@ spec: type: string type: object template: - description: |- - Template describes the pods that will be created. - The only allowed template.spec.restartPolicy value is "Always". + description: 'Template describes the pods that will be created. + + The only allowed template.spec.restartPolicy value is "Always".' properties: metadata: - description: |- - Standard object's metadata. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + description: 'Standard object''s metadata. + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' properties: annotations: additionalProperties: @@ -9924,15 +12818,19 @@ spec: type: string type: object spec: - description: |- - Specification of the desired behavior of the pod. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + description: 'Specification of the desired behavior of + the pod. + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' properties: activeDeadlineSeconds: - description: |- - Optional duration in seconds the pod may be active on the node relative to - StartTime before the system will actively try to mark it failed and kill associated containers. - Value must be a positive integer. + description: 'Optional duration in seconds the pod + may be active on the node relative to + + StartTime before the system will actively try to + mark it failed and kill associated containers. + + Value must be a positive integer.' format: int64 type: integer affinity: @@ -9943,20 +12841,40 @@ spec: rules for the pod. properties: preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node matches the corresponding matchExpressions; the - node(s) with the highest sum are the most preferred. + description: 'The scheduler will prefer to + schedule pods to nodes that satisfy + + the affinity expressions specified by this + field, but it may choose + + a node that violates one or more of the + expressions. The node that is + + most preferred is the one with the greatest + sum of weights, i.e. + + for each node that meets all of the scheduling + requirements (resource + + request, requiredDuringScheduling affinity + expressions, etc.), + + compute a sum by iterating through the elements + of this field and adding + + "weight" to the sum if the node matches + the corresponding matchExpressions; the + + node(s) with the highest sum are the most + preferred.' items: - description: |- - An empty preferred scheduling term matches all objects with implicit weight 0 - (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + description: 'An empty preferred scheduling + term matches all objects with implicit + weight 0 + + (i.e. it''s a no-op). A null preferred + scheduling term matches no objects (i.e. + is also a no-op).' properties: preference: description: A node selector term, associated @@ -9966,9 +12884,12 @@ spec: description: A list of node selector requirements by node's labels. items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. + description: 'A node selector + requirement is a selector that + contains values, a key, and + an operator + + that relates the key and values.' properties: key: description: The label key @@ -9976,32 +12897,53 @@ spec: to. type: string operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + description: 'Represents a + key''s relationship to a + set of values. + + Valid operators are In, + NotIn, Exists, DoesNotExist. + Gt, and Lt.' type: string values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. + description: 'An array of + string values. If the operator + is In or NotIn, + + the values array must be + non-empty. If the operator + is Exists or DoesNotExist, + + the values array must be + empty. If the operator is + Gt or Lt, the values + + array must have a single + element, which will be interpreted + as an integer. + + This array is replaced during + a strategic merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchFields: description: A list of node selector requirements by node's fields. items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. + description: 'A node selector + requirement is a selector that + contains values, a key, and + an operator + + that relates the key and values.' properties: key: description: The label key @@ -10009,25 +12951,43 @@ spec: to. type: string operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + description: 'Represents a + key''s relationship to a + set of values. + + Valid operators are In, + NotIn, Exists, DoesNotExist. + Gt, and Lt.' type: string values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. + description: 'An array of + string values. If the operator + is In or NotIn, + + the values array must be + non-empty. If the operator + is Exists or DoesNotExist, + + the values array must be + empty. If the operator is + Gt or Lt, the values + + array must have a single + element, which will be interpreted + as an integer. + + This array is replaced during + a strategic merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic type: object x-kubernetes-map-type: atomic weight: @@ -10041,30 +13001,46 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to an update), the system - may or may not try to eventually evict the pod from its node. + description: 'If the affinity requirements + specified by this field are not met at + + scheduling time, the pod will not be scheduled + onto the node. + + If the affinity requirements specified by + this field cease to be met + + at some point during pod execution (e.g. + due to an update), the system + + may or may not try to eventually evict the + pod from its node.' properties: nodeSelectorTerms: description: Required. A list of node selector terms. The terms are ORed. items: - description: |- - A null or empty node selector term matches no objects. The requirements of + description: 'A null or empty node selector + term matches no objects. The requirements + of + them are ANDed. - The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + + The TopologySelectorTerm type implements + a subset of the NodeSelectorTerm.' properties: matchExpressions: description: A list of node selector requirements by node's labels. items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. + description: 'A node selector + requirement is a selector that + contains values, a key, and + an operator + + that relates the key and values.' properties: key: description: The label key @@ -10072,32 +13048,53 @@ spec: to. type: string operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + description: 'Represents a + key''s relationship to a + set of values. + + Valid operators are In, + NotIn, Exists, DoesNotExist. + Gt, and Lt.' type: string values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. + description: 'An array of + string values. If the operator + is In or NotIn, + + the values array must be + non-empty. If the operator + is Exists or DoesNotExist, + + the values array must be + empty. If the operator is + Gt or Lt, the values + + array must have a single + element, which will be interpreted + as an integer. + + This array is replaced during + a strategic merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchFields: description: A list of node selector requirements by node's fields. items: - description: |- - A node selector requirement is a selector that contains values, a key, and an operator - that relates the key and values. + description: 'A node selector + requirement is a selector that + contains values, a key, and + an operator + + that relates the key and values.' properties: key: description: The label key @@ -10105,28 +13102,47 @@ spec: to. type: string operator: - description: |- - Represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + description: 'Represents a + key''s relationship to a + set of values. + + Valid operators are In, + NotIn, Exists, DoesNotExist. + Gt, and Lt.' type: string values: - description: |- - An array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. If the operator is Gt or Lt, the values - array must have a single element, which will be interpreted as an integer. - This array is replaced during a strategic merge patch. + description: 'An array of + string values. If the operator + is In or NotIn, + + the values array must be + non-empty. If the operator + is Exists or DoesNotExist, + + the values array must be + empty. If the operator is + Gt or Lt, the values + + array must have a single + element, which will be interpreted + as an integer. + + This array is replaced during + a strategic merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic type: object x-kubernetes-map-type: atomic type: array + x-kubernetes-list-type: atomic required: - nodeSelectorTerms type: object @@ -10138,16 +13154,33 @@ spec: zone, etc. as some other pod(s)). properties: preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. + description: 'The scheduler will prefer to + schedule pods to nodes that satisfy + + the affinity expressions specified by this + field, but it may choose + + a node that violates one or more of the + expressions. The node that is + + most preferred is the one with the greatest + sum of weights, i.e. + + for each node that meets all of the scheduling + requirements (resource + + request, requiredDuringScheduling affinity + expressions, etc.), + + compute a sum by iterating through the elements + of this field and adding + + "weight" to the sum if the node has pods + which matches the corresponding podAffinityTerm; + the + + node(s) with the highest sum are the most + preferred.' items: description: The weights of all of the matched WeightedPodAffinityTerm fields are added @@ -10159,9 +13192,12 @@ spec: weight. properties: labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. + description: 'A label query over + a set of resources, in this case + pods. + + If it''s null, this PodAffinityTerm + matches with no Pods.' properties: matchExpressions: description: matchExpressions @@ -10169,9 +13205,12 @@ spec: requirements. The requirements are ANDed. items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. + description: 'A label selector + requirement is a selector + that contains values, a + key, and an operator that + + relates the key and values.' properties: key: description: key is the @@ -10179,71 +13218,156 @@ spec: applies to. type: string operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. + description: 'operator + represents a key''s + relationship to a set + of values. + + Valid operators are + In, NotIn, Exists and + DoesNotExist.' type: string values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. + description: 'values is + an array of string values. + If the operator is In + or NotIn, + + the values array must + be non-empty. If the + operator is Exists or + DoesNotExist, + + the values array must + be empty. This array + is replaced during a + strategic + + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. + description: 'matchLabels is + a map of {key,value} pairs. + A single {key,value} in the + matchLabels + + map is equivalent to an element + of matchExpressions, whose + key field is "key", the + + operator is "In", and the + values array contains only + "value". The requirements + are ANDed.' type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + description: 'MatchLabelKeys is + a set of pod label keys to select + which pods will + + be taken into consideration. The + keys are used to lookup values + from the + + incoming pod labels, those key-value + labels are merged with `labelSelector` + as `key in (value)` + + to select the group of existing + pods which pods will be taken + into consideration + + for the incoming pod''s pod (anti) + affinity. Keys that don''t exist + in the incoming + + pod labels will be ignored. The + default value is empty. + + The same key is forbidden to exist + in both matchLabelKeys and labelSelector. + + Also, matchLabelKeys cannot be + set when labelSelector isn''t + set. + + This is an alpha field and requires + enabling MatchLabelKeysInPodAffinity + feature gate.' items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + description: 'MismatchLabelKeys + is a set of pod label keys to + select which pods will + + be taken into consideration. The + keys are used to lookup values + from the + + incoming pod labels, those key-value + labels are merged with `labelSelector` + as `key notin (value)` + + to select the group of existing + pods which pods will be taken + into consideration + + for the incoming pod''s pod (anti) + affinity. Keys that don''t exist + in the incoming + + pod labels will be ignored. The + default value is empty. + + The same key is forbidden to exist + in both mismatchLabelKeys and + labelSelector. + + Also, mismatchLabelKeys cannot + be set when labelSelector isn''t + set. + + This is an alpha field and requires + enabling MatchLabelKeysInPodAffinity + feature gate.' items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. + description: 'A label query over + the set of namespaces that the + term applies to. + + The term is applied to the union + of the namespaces selected by + this field + + and the ones listed in the namespaces + field. + + null selector and null or empty + namespaces list means "this pod''s + namespace". + + An empty selector ({}) matches + all namespaces.' properties: matchExpressions: description: matchExpressions @@ -10251,9 +13375,12 @@ spec: requirements. The requirements are ANDed. items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. + description: 'A label selector + requirement is a selector + that contains values, a + key, and an operator that + + relates the key and values.' properties: key: description: key is the @@ -10261,58 +13388,105 @@ spec: applies to. type: string operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. + description: 'operator + represents a key''s + relationship to a set + of values. + + Valid operators are + In, NotIn, Exists and + DoesNotExist.' type: string values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. + description: 'values is + an array of string values. + If the operator is In + or NotIn, + + the values array must + be non-empty. If the + operator is Exists or + DoesNotExist, + + the values array must + be empty. This array + is replaced during a + strategic + + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. + description: 'matchLabels is + a map of {key,value} pairs. + A single {key,value} in the + matchLabels + + map is equivalent to an element + of matchExpressions, whose + key field is "key", the + + operator is "In", and the + values array contains only + "value". The requirements + are ANDed.' type: object type: object x-kubernetes-map-type: atomic namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field + description: 'namespaces specifies + a static list of namespace names + that the term applies to. + + The term is applied to the union + of the namespaces listed in this + field + and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". + + null or empty namespaces list + and null namespaceSelector means + "this pod''s namespace".' items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the + description: 'This pod should be + co-located (affinity) or not co-located + (anti-affinity) with the pods + matching + + the labelSelector in the specified + namespaces, where co-located is + defined as running on a node + + whose value of the label with + key topologyKey matches that of + any node on which any of the + selected pods is running. - Empty topologyKey is not allowed. + + Empty topologyKey is not allowed.' type: string required: - topologyKey type: object weight: - description: |- - weight associated with matching the corresponding podAffinityTerm, - in the range 1-100. + description: 'weight associated with + matching the corresponding podAffinityTerm, + + in the range 1-100.' format: int32 type: integer required: @@ -10320,37 +13494,64 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to a pod label update), the - system may or may not try to eventually evict the pod from its node. - When there are multiple elements, the lists of nodes corresponding to each - podAffinityTerm are intersected, i.e. all terms must be satisfied. + description: 'If the affinity requirements + specified by this field are not met at + + scheduling time, the pod will not be scheduled + onto the node. + + If the affinity requirements specified by + this field cease to be met + + at some point during pod execution (e.g. + due to a pod label update), the + + system may or may not try to eventually + evict the pod from its node. + + When there are multiple elements, the lists + of nodes corresponding to each + + podAffinityTerm are intersected, i.e. all + terms must be satisfied.' items: - description: |- - Defines a set of pods (namely those matching the labelSelector - relative to the given namespace(s)) that this pod should be - co-located (affinity) or not co-located (anti-affinity) with, - where co-located is defined as running on a node whose value of - the label with key matches that of any node on which - a pod of the set of pods is running + description: 'Defines a set of pods (namely + those matching the labelSelector + + relative to the given namespace(s)) that + this pod should be + + co-located (affinity) or not co-located + (anti-affinity) with, + + where co-located is defined as running + on a node whose value of + + the label with key matches + that of any node on which + + a pod of the set of pods is running' properties: labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. + description: 'A label query over a set + of resources, in this case pods. + + If it''s null, this PodAffinityTerm + matches with no Pods.' properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. + description: 'A label selector + requirement is a selector that + contains values, a key, and + an operator that + + relates the key and values.' properties: key: description: key is the label @@ -10358,80 +13559,153 @@ spec: to. type: string operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. + description: 'operator represents + a key''s relationship to + a set of values. + + Valid operators are In, + NotIn, Exists and DoesNotExist.' type: string values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. + description: 'values is an + array of string values. + If the operator is In or + NotIn, + + the values array must be + non-empty. If the operator + is Exists or DoesNotExist, + + the values array must be + empty. This array is replaced + during a strategic + + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. + description: 'matchLabels is a map + of {key,value} pairs. A single + {key,value} in the matchLabels + + map is equivalent to an element + of matchExpressions, whose key + field is "key", the + + operator is "In", and the values + array contains only "value". The + requirements are ANDed.' type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + description: 'MatchLabelKeys is a set + of pod label keys to select which + pods will + + be taken into consideration. The keys + are used to lookup values from the + + incoming pod labels, those key-value + labels are merged with `labelSelector` + as `key in (value)` + + to select the group of existing pods + which pods will be taken into consideration + + for the incoming pod''s pod (anti) + affinity. Keys that don''t exist in + the incoming + + pod labels will be ignored. The default + value is empty. + + The same key is forbidden to exist + in both matchLabelKeys and labelSelector. + + Also, matchLabelKeys cannot be set + when labelSelector isn''t set. + + This is an alpha field and requires + enabling MatchLabelKeysInPodAffinity + feature gate.' items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + description: 'MismatchLabelKeys is a + set of pod label keys to select which + pods will + + be taken into consideration. The keys + are used to lookup values from the + + incoming pod labels, those key-value + labels are merged with `labelSelector` + as `key notin (value)` + + to select the group of existing pods + which pods will be taken into consideration + + for the incoming pod''s pod (anti) + affinity. Keys that don''t exist in + the incoming + + pod labels will be ignored. The default + value is empty. + + The same key is forbidden to exist + in both mismatchLabelKeys and labelSelector. + + Also, mismatchLabelKeys cannot be + set when labelSelector isn''t set. + + This is an alpha field and requires + enabling MatchLabelKeysInPodAffinity + feature gate.' items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. + description: 'A label query over the + set of namespaces that the term applies + to. + + The term is applied to the union of + the namespaces selected by this field + + and the ones listed in the namespaces + field. + + null selector and null or empty namespaces + list means "this pod''s namespace". + + An empty selector ({}) matches all + namespaces.' properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. + description: 'A label selector + requirement is a selector that + contains values, a key, and + an operator that + + relates the key and values.' properties: key: description: key is the label @@ -10439,55 +13713,94 @@ spec: to. type: string operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. + description: 'operator represents + a key''s relationship to + a set of values. + + Valid operators are In, + NotIn, Exists and DoesNotExist.' type: string values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. + description: 'values is an + array of string values. + If the operator is In or + NotIn, + + the values array must be + non-empty. If the operator + is Exists or DoesNotExist, + + the values array must be + empty. This array is replaced + during a strategic + + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. + description: 'matchLabels is a map + of {key,value} pairs. A single + {key,value} in the matchLabels + + map is equivalent to an element + of matchExpressions, whose key + field is "key", the + + operator is "In", and the values + array contains only "value". The + requirements are ANDed.' type: object type: object x-kubernetes-map-type: atomic namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field + description: 'namespaces specifies a + static list of namespace names that + the term applies to. + + The term is applied to the union of + the namespaces listed in this field + and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". + + null or empty namespaces list and + null namespaceSelector means "this + pod''s namespace".' items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the + description: 'This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching + + the labelSelector in the specified + namespaces, where co-located is defined + as running on a node + + whose value of the label with key + topologyKey matches that of any node + on which any of the + selected pods is running. - Empty topologyKey is not allowed. + + Empty topologyKey is not allowed.' type: string required: - topologyKey type: object type: array + x-kubernetes-list-type: atomic type: object podAntiAffinity: description: Describes pod anti-affinity scheduling @@ -10495,16 +13808,33 @@ spec: node, zone, etc. as some other pod(s)). properties: preferredDuringSchedulingIgnoredDuringExecution: - description: |- - The scheduler will prefer to schedule pods to nodes that satisfy - the anti-affinity expressions specified by this field, but it may choose - a node that violates one or more of the expressions. The node that is - most preferred is the one with the greatest sum of weights, i.e. - for each node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling anti-affinity expressions, etc.), - compute a sum by iterating through the elements of this field and adding - "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the - node(s) with the highest sum are the most preferred. + description: 'The scheduler will prefer to + schedule pods to nodes that satisfy + + the anti-affinity expressions specified + by this field, but it may choose + + a node that violates one or more of the + expressions. The node that is + + most preferred is the one with the greatest + sum of weights, i.e. + + for each node that meets all of the scheduling + requirements (resource + + request, requiredDuringScheduling anti-affinity + expressions, etc.), + + compute a sum by iterating through the elements + of this field and adding + + "weight" to the sum if the node has pods + which matches the corresponding podAffinityTerm; + the + + node(s) with the highest sum are the most + preferred.' items: description: The weights of all of the matched WeightedPodAffinityTerm fields are added @@ -10516,9 +13846,12 @@ spec: weight. properties: labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. + description: 'A label query over + a set of resources, in this case + pods. + + If it''s null, this PodAffinityTerm + matches with no Pods.' properties: matchExpressions: description: matchExpressions @@ -10526,9 +13859,12 @@ spec: requirements. The requirements are ANDed. items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. + description: 'A label selector + requirement is a selector + that contains values, a + key, and an operator that + + relates the key and values.' properties: key: description: key is the @@ -10536,71 +13872,156 @@ spec: applies to. type: string operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. + description: 'operator + represents a key''s + relationship to a set + of values. + + Valid operators are + In, NotIn, Exists and + DoesNotExist.' type: string values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. + description: 'values is + an array of string values. + If the operator is In + or NotIn, + + the values array must + be non-empty. If the + operator is Exists or + DoesNotExist, + + the values array must + be empty. This array + is replaced during a + strategic + + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. + description: 'matchLabels is + a map of {key,value} pairs. + A single {key,value} in the + matchLabels + + map is equivalent to an element + of matchExpressions, whose + key field is "key", the + + operator is "In", and the + values array contains only + "value". The requirements + are ANDed.' type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. - items: - type: string - type: array + description: 'MatchLabelKeys is + a set of pod label keys to select + which pods will + + be taken into consideration. The + keys are used to lookup values + from the + + incoming pod labels, those key-value + labels are merged with `labelSelector` + as `key in (value)` + + to select the group of existing + pods which pods will be taken + into consideration + + for the incoming pod''s pod (anti) + affinity. Keys that don''t exist + in the incoming + + pod labels will be ignored. The + default value is empty. + + The same key is forbidden to exist + in both matchLabelKeys and labelSelector. + + Also, matchLabelKeys cannot be + set when labelSelector isn''t + set. + + This is an alpha field and requires + enabling MatchLabelKeysInPodAffinity + feature gate.' + items: + type: string + type: array x-kubernetes-list-type: atomic mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + description: 'MismatchLabelKeys + is a set of pod label keys to + select which pods will + + be taken into consideration. The + keys are used to lookup values + from the + + incoming pod labels, those key-value + labels are merged with `labelSelector` + as `key notin (value)` + + to select the group of existing + pods which pods will be taken + into consideration + + for the incoming pod''s pod (anti) + affinity. Keys that don''t exist + in the incoming + + pod labels will be ignored. The + default value is empty. + + The same key is forbidden to exist + in both mismatchLabelKeys and + labelSelector. + + Also, mismatchLabelKeys cannot + be set when labelSelector isn''t + set. + + This is an alpha field and requires + enabling MatchLabelKeysInPodAffinity + feature gate.' items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. + description: 'A label query over + the set of namespaces that the + term applies to. + + The term is applied to the union + of the namespaces selected by + this field + + and the ones listed in the namespaces + field. + + null selector and null or empty + namespaces list means "this pod''s + namespace". + + An empty selector ({}) matches + all namespaces.' properties: matchExpressions: description: matchExpressions @@ -10608,9 +14029,12 @@ spec: requirements. The requirements are ANDed. items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. + description: 'A label selector + requirement is a selector + that contains values, a + key, and an operator that + + relates the key and values.' properties: key: description: key is the @@ -10618,58 +14042,105 @@ spec: applies to. type: string operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. + description: 'operator + represents a key''s + relationship to a set + of values. + + Valid operators are + In, NotIn, Exists and + DoesNotExist.' type: string values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. + description: 'values is + an array of string values. + If the operator is In + or NotIn, + + the values array must + be non-empty. If the + operator is Exists or + DoesNotExist, + + the values array must + be empty. This array + is replaced during a + strategic + + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. + description: 'matchLabels is + a map of {key,value} pairs. + A single {key,value} in the + matchLabels + + map is equivalent to an element + of matchExpressions, whose + key field is "key", the + + operator is "In", and the + values array contains only + "value". The requirements + are ANDed.' type: object type: object x-kubernetes-map-type: atomic namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field + description: 'namespaces specifies + a static list of namespace names + that the term applies to. + + The term is applied to the union + of the namespaces listed in this + field + and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". + + null or empty namespaces list + and null namespaceSelector means + "this pod''s namespace".' items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the + description: 'This pod should be + co-located (affinity) or not co-located + (anti-affinity) with the pods + matching + + the labelSelector in the specified + namespaces, where co-located is + defined as running on a node + + whose value of the label with + key topologyKey matches that of + any node on which any of the + selected pods is running. - Empty topologyKey is not allowed. + + Empty topologyKey is not allowed.' type: string required: - topologyKey type: object weight: - description: |- - weight associated with matching the corresponding podAffinityTerm, - in the range 1-100. + description: 'weight associated with + matching the corresponding podAffinityTerm, + + in the range 1-100.' format: int32 type: integer required: @@ -10677,37 +14148,64 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: - description: |- - If the anti-affinity requirements specified by this field are not met at - scheduling time, the pod will not be scheduled onto the node. - If the anti-affinity requirements specified by this field cease to be met - at some point during pod execution (e.g. due to a pod label update), the - system may or may not try to eventually evict the pod from its node. - When there are multiple elements, the lists of nodes corresponding to each - podAffinityTerm are intersected, i.e. all terms must be satisfied. + description: 'If the anti-affinity requirements + specified by this field are not met at + + scheduling time, the pod will not be scheduled + onto the node. + + If the anti-affinity requirements specified + by this field cease to be met + + at some point during pod execution (e.g. + due to a pod label update), the + + system may or may not try to eventually + evict the pod from its node. + + When there are multiple elements, the lists + of nodes corresponding to each + + podAffinityTerm are intersected, i.e. all + terms must be satisfied.' items: - description: |- - Defines a set of pods (namely those matching the labelSelector - relative to the given namespace(s)) that this pod should be - co-located (affinity) or not co-located (anti-affinity) with, - where co-located is defined as running on a node whose value of - the label with key matches that of any node on which - a pod of the set of pods is running + description: 'Defines a set of pods (namely + those matching the labelSelector + + relative to the given namespace(s)) that + this pod should be + + co-located (affinity) or not co-located + (anti-affinity) with, + + where co-located is defined as running + on a node whose value of + + the label with key matches + that of any node on which + + a pod of the set of pods is running' properties: labelSelector: - description: |- - A label query over a set of resources, in this case pods. - If it's null, this PodAffinityTerm matches with no Pods. + description: 'A label query over a set + of resources, in this case pods. + + If it''s null, this PodAffinityTerm + matches with no Pods.' properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. + description: 'A label selector + requirement is a selector that + contains values, a key, and + an operator that + + relates the key and values.' properties: key: description: key is the label @@ -10715,80 +14213,153 @@ spec: to. type: string operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. + description: 'operator represents + a key''s relationship to + a set of values. + + Valid operators are In, + NotIn, Exists and DoesNotExist.' type: string values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. + description: 'values is an + array of string values. + If the operator is In or + NotIn, + + the values array must be + non-empty. If the operator + is Exists or DoesNotExist, + + the values array must be + empty. This array is replaced + during a strategic + + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. + description: 'matchLabels is a map + of {key,value} pairs. A single + {key,value} in the matchLabels + + map is equivalent to an element + of matchExpressions, whose key + field is "key", the + + operator is "In", and the values + array contains only "value". The + requirements are ANDed.' type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - Also, MatchLabelKeys cannot be set when LabelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + description: 'MatchLabelKeys is a set + of pod label keys to select which + pods will + + be taken into consideration. The keys + are used to lookup values from the + + incoming pod labels, those key-value + labels are merged with `labelSelector` + as `key in (value)` + + to select the group of existing pods + which pods will be taken into consideration + + for the incoming pod''s pod (anti) + affinity. Keys that don''t exist in + the incoming + + pod labels will be ignored. The default + value is empty. + + The same key is forbidden to exist + in both matchLabelKeys and labelSelector. + + Also, matchLabelKeys cannot be set + when labelSelector isn''t set. + + This is an alpha field and requires + enabling MatchLabelKeysInPodAffinity + feature gate.' items: type: string type: array x-kubernetes-list-type: atomic mismatchLabelKeys: - description: |- - MismatchLabelKeys is a set of pod label keys to select which pods will - be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` - to select the group of existing pods which pods will be taken into consideration - for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming - pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. - This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + description: 'MismatchLabelKeys is a + set of pod label keys to select which + pods will + + be taken into consideration. The keys + are used to lookup values from the + + incoming pod labels, those key-value + labels are merged with `labelSelector` + as `key notin (value)` + + to select the group of existing pods + which pods will be taken into consideration + + for the incoming pod''s pod (anti) + affinity. Keys that don''t exist in + the incoming + + pod labels will be ignored. The default + value is empty. + + The same key is forbidden to exist + in both mismatchLabelKeys and labelSelector. + + Also, mismatchLabelKeys cannot be + set when labelSelector isn''t set. + + This is an alpha field and requires + enabling MatchLabelKeysInPodAffinity + feature gate.' items: type: string type: array x-kubernetes-list-type: atomic namespaceSelector: - description: |- - A label query over the set of namespaces that the term applies to. - The term is applied to the union of the namespaces selected by this field - and the ones listed in the namespaces field. - null selector and null or empty namespaces list means "this pod's namespace". - An empty selector ({}) matches all namespaces. + description: 'A label query over the + set of namespaces that the term applies + to. + + The term is applied to the union of + the namespaces selected by this field + + and the ones listed in the namespaces + field. + + null selector and null or empty namespaces + list means "this pod''s namespace". + + An empty selector ({}) matches all + namespaces.' properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. + description: 'A label selector + requirement is a selector that + contains values, a key, and + an operator that + + relates the key and values.' properties: key: description: key is the label @@ -10796,55 +14367,94 @@ spec: to. type: string operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. + description: 'operator represents + a key''s relationship to + a set of values. + + Valid operators are In, + NotIn, Exists and DoesNotExist.' type: string values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. + description: 'values is an + array of string values. + If the operator is In or + NotIn, + + the values array must be + non-empty. If the operator + is Exists or DoesNotExist, + + the values array must be + empty. This array is replaced + during a strategic + + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. + description: 'matchLabels is a map + of {key,value} pairs. A single + {key,value} in the matchLabels + + map is equivalent to an element + of matchExpressions, whose key + field is "key", the + + operator is "In", and the values + array contains only "value". The + requirements are ANDed.' type: object type: object x-kubernetes-map-type: atomic namespaces: - description: |- - namespaces specifies a static list of namespace names that the term applies to. - The term is applied to the union of the namespaces listed in this field + description: 'namespaces specifies a + static list of namespace names that + the term applies to. + + The term is applied to the union of + the namespaces listed in this field + and the ones selected by namespaceSelector. - null or empty namespaces list and null namespaceSelector means "this pod's namespace". + + null or empty namespaces list and + null namespaceSelector means "this + pod''s namespace".' items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: - description: |- - This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where co-located is defined as running on a node - whose value of the label with key topologyKey matches that of any node on which any of the + description: 'This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching + + the labelSelector in the specified + namespaces, where co-located is defined + as running on a node + + whose value of the label with key + topologyKey matches that of any node + on which any of the + selected pods is running. - Empty topologyKey is not allowed. + + Empty topologyKey is not allowed.' type: string required: - topologyKey type: object type: array + x-kubernetes-list-type: atomic type: object type: object automountServiceAccountToken: @@ -10853,45 +14463,78 @@ spec: mounted. type: boolean containers: - description: |- - List of containers belonging to the pod. + description: 'List of containers belonging to the + pod. + Containers cannot currently be added or removed. + There must be at least one container in a Pod. - Cannot be updated. + + Cannot be updated.' items: description: A single application container that you want to run within a pod. properties: args: - description: |- - Arguments to the entrypoint. - The container image's CMD is used if this is not provided. - Variable references $(VAR_NAME) are expanded using the container's environment. If a variable - cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will - produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless - of whether the variable exists or not. Cannot be updated. - More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + description: 'Arguments to the entrypoint. + + The container image''s CMD is used if this + is not provided. + + Variable references $(VAR_NAME) are expanded + using the container''s environment. If a variable + + cannot be resolved, the reference in the input + string will be unchanged. Double $$ are reduced + + to a single $, which allows for escaping the + $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + + produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, + regardless + + of whether the variable exists or not. Cannot + be updated. + + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' items: type: string type: array + x-kubernetes-list-type: atomic command: - description: |- - Entrypoint array. Not executed within a shell. - The container image's ENTRYPOINT is used if this is not provided. - Variable references $(VAR_NAME) are expanded using the container's environment. If a variable - cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will - produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless - of whether the variable exists or not. Cannot be updated. - More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + description: 'Entrypoint array. Not executed + within a shell. + + The container image''s ENTRYPOINT is used + if this is not provided. + + Variable references $(VAR_NAME) are expanded + using the container''s environment. If a variable + + cannot be resolved, the reference in the input + string will be unchanged. Double $$ are reduced + + to a single $, which allows for escaping the + $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + + produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, + regardless + + of whether the variable exists or not. Cannot + be updated. + + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' items: type: string type: array + x-kubernetes-list-type: atomic env: - description: |- - List of environment variables to set in the container. - Cannot be updated. + description: 'List of environment variables + to set in the container. + + Cannot be updated.' items: description: EnvVar represents an environment variable present in a Container. @@ -10901,16 +14544,30 @@ spec: Must be a C_IDENTIFIER. type: string value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable + description: 'Variable references $(VAR_NAME) + are expanded + + using the previously defined environment + variables in the container and + + any service environment variables. If + a variable cannot be resolved, + + the reference in the input string will + be unchanged. Double $$ are reduced + + to a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. + + "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". + + Escaped references will never be expanded, + regardless of whether the variable + exists or not. - Defaults to "". + + Defaults to "".' type: string valueFrom: description: Source for the environment @@ -10924,10 +14581,12 @@ spec: description: The key to select. type: string name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. + apiVersion, kind, uid?' type: string optional: description: Specify whether the @@ -10939,9 +14598,12 @@ spec: type: object x-kubernetes-map-type: atomic fieldRef: - description: |- - Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + description: 'Selects a field of the + pod: supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' properties: apiVersion: description: Version of the schema @@ -10958,9 +14620,14 @@ spec: type: object x-kubernetes-map-type: atomic resourceFieldRef: - description: |- - Selects a resource of the container: only resources limits and requests - (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + description: 'Selects a resource of + the container: only resources limits + and requests + + (limits.cpu, limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and + requests.ephemeral-storage) are + currently supported.' properties: containerName: description: 'Container name: @@ -10994,10 +14661,12 @@ spec: secret key. type: string name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. + apiVersion, kind, uid?' type: string optional: description: Specify whether the @@ -11012,14 +14681,26 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: - description: |- - List of sources to populate environment variables in the container. - The keys defined within a source must be a C_IDENTIFIER. All invalid keys - will be reported as an event when the container is starting. When a key exists in multiple - sources, the value associated with the last source will take precedence. - Values defined by an Env with a duplicate key will take precedence. - Cannot be updated. + description: 'List of sources to populate environment + variables in the container. + + The keys defined within a source must be a + C_IDENTIFIER. All invalid keys + + will be reported as an event when the container + is starting. When a key exists in multiple + + sources, the value associated with the last + source will take precedence. + + Values defined by an Env with a duplicate + key will take precedence. + + Cannot be updated.' items: description: EnvFromSource represents the source of a set of ConfigMaps @@ -11028,10 +14709,12 @@ spec: description: The ConfigMap to select from properties: name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, + kind, uid?' type: string optional: description: Specify whether the ConfigMap @@ -11048,10 +14731,12 @@ spec: description: The Secret to select from properties: name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, + kind, uid?' type: string optional: description: Specify whether the Secret @@ -11061,56 +14746,87 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: - description: |- - Container image name. + description: 'Container image name. + More info: https://kubernetes.io/docs/concepts/containers/images - This field is optional to allow higher level config management to default or override - container images in workload controllers like Deployments and StatefulSets. + + This field is optional to allow higher level + config management to default or override + + container images in workload controllers like + Deployments and StatefulSets.' type: string imagePullPolicy: - description: |- - Image pull policy. + description: 'Image pull policy. + One of Always, Never, IfNotPresent. - Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + + Defaults to Always if :latest tag is specified, + or IfNotPresent otherwise. + Cannot be updated. - More info: https://kubernetes.io/docs/concepts/containers/images#updating-images + + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' type: string lifecycle: - description: |- - Actions that the management system should take in response to container lifecycle events. - Cannot be updated. + description: 'Actions that the management system + should take in response to container lifecycle + events. + + Cannot be updated.' properties: postStart: - description: |- - PostStart is called immediately after a container is created. If the handler fails, - the container is terminated and restarted according to its restart policy. - Other management of the container blocks until the hook completes. - More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + description: 'PostStart is called immediately + after a container is created. If the handler + fails, + + the container is terminated and restarted + according to its restart policy. + + Other management of the container blocks + until the hook completes. + + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' properties: exec: description: Exec specifies the action to take. properties: command: - description: |- - Command is the command line to execute inside the container, the working directory for the - command is root ('/') in the container's filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use - a shell, you need to explicitly call out to that shell. - Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + description: 'Command is the command + line to execute inside the container, + the working directory for the + + command is root (''/'') in the + container''s filesystem. The command + is simply exec''d, it is + + not run inside a shell, so traditional + shell instructions (''|'', etc) + won''t work. To use + + a shell, you need to explicitly + call out to that shell. + + Exit status of 0 is treated as + live/healthy and non-zero is unhealthy.' items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. properties: host: - description: |- - Host name to connect to, defaults to the pod IP. You probably want to set - "Host" in httpHeaders instead. + description: 'Host name to connect + to, defaults to the pod IP. You + probably want to set + + "Host" in httpHeaders instead.' type: string httpHeaders: description: Custom headers to set @@ -11122,9 +14838,13 @@ spec: HTTP probes properties: name: - description: |- - The header field name. - This will be canonicalized upon output, so case-variant names will be understood as the same header. + description: 'The header field + name. + + This will be canonicalized + upon output, so case-variant + names will be understood + as the same header.' type: string value: description: The header field @@ -11135,6 +14855,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. @@ -11143,15 +14864,19 @@ spec: anyOf: - type: integer - type: string - description: |- - Name or number of the port to access on the container. - Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. + description: 'Name or number of + the port to access on the container. + + Number must be in the range 1 + to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true scheme: - description: |- - Scheme to use for connecting to the host. - Defaults to HTTP. + description: 'Scheme to use for + connecting to the host. + + Defaults to HTTP.' type: string required: - port @@ -11170,10 +14895,15 @@ spec: - seconds type: object tcpSocket: - description: |- - Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - for the backward compatibility. There are no validation of this field and - lifecycle hooks will fail in runtime when tcp handler is specified. + description: 'Deprecated. TCPSocket + is NOT supported as a LifecycleHandler + and kept + + for the backward compatibility. There + are no validation of this field and + + lifecycle hooks will fail in runtime + when tcp handler is specified.' properties: host: description: 'Optional: Host name @@ -11184,50 +14914,85 @@ spec: anyOf: - type: integer - type: string - description: |- - Number or name of the port to access on the container. - Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. + description: 'Number or name of + the port to access on the container. + + Number must be in the range 1 + to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true required: - port type: object type: object preStop: - description: |- - PreStop is called immediately before a container is terminated due to an - API request or management event such as liveness/startup probe failure, - preemption, resource contention, etc. The handler is not called if the - container crashes or exits. The Pod's termination grace period countdown begins before the - PreStop hook is executed. Regardless of the outcome of the handler, the - container will eventually terminate within the Pod's termination grace - period (unless delayed by finalizers). Other management of the container blocks until the hook completes - or until the termination grace period is reached. - More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + description: 'PreStop is called immediately + before a container is terminated due to + an + + API request or management event such as + liveness/startup probe failure, + + preemption, resource contention, etc. + The handler is not called if the + + container crashes or exits. The Pod''s + termination grace period countdown begins + before the + + PreStop hook is executed. Regardless of + the outcome of the handler, the + + container will eventually terminate within + the Pod''s termination grace + + period (unless delayed by finalizers). + Other management of the container blocks + until the hook completes + + or until the termination grace period + is reached. + + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' properties: exec: description: Exec specifies the action to take. properties: command: - description: |- - Command is the command line to execute inside the container, the working directory for the - command is root ('/') in the container's filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use - a shell, you need to explicitly call out to that shell. - Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + description: 'Command is the command + line to execute inside the container, + the working directory for the + + command is root (''/'') in the + container''s filesystem. The command + is simply exec''d, it is + + not run inside a shell, so traditional + shell instructions (''|'', etc) + won''t work. To use + + a shell, you need to explicitly + call out to that shell. + + Exit status of 0 is treated as + live/healthy and non-zero is unhealthy.' items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. properties: host: - description: |- - Host name to connect to, defaults to the pod IP. You probably want to set - "Host" in httpHeaders instead. + description: 'Host name to connect + to, defaults to the pod IP. You + probably want to set + + "Host" in httpHeaders instead.' type: string httpHeaders: description: Custom headers to set @@ -11239,9 +15004,13 @@ spec: HTTP probes properties: name: - description: |- - The header field name. - This will be canonicalized upon output, so case-variant names will be understood as the same header. + description: 'The header field + name. + + This will be canonicalized + upon output, so case-variant + names will be understood + as the same header.' type: string value: description: The header field @@ -11252,6 +15021,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. @@ -11260,15 +15030,19 @@ spec: anyOf: - type: integer - type: string - description: |- - Name or number of the port to access on the container. - Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. + description: 'Name or number of + the port to access on the container. + + Number must be in the range 1 + to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true scheme: - description: |- - Scheme to use for connecting to the host. - Defaults to HTTP. + description: 'Scheme to use for + connecting to the host. + + Defaults to HTTP.' type: string required: - port @@ -11287,10 +15061,15 @@ spec: - seconds type: object tcpSocket: - description: |- - Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - for the backward compatibility. There are no validation of this field and - lifecycle hooks will fail in runtime when tcp handler is specified. + description: 'Deprecated. TCPSocket + is NOT supported as a LifecycleHandler + and kept + + for the backward compatibility. There + are no validation of this field and + + lifecycle hooks will fail in runtime + when tcp handler is specified.' properties: host: description: 'Optional: Host name @@ -11301,10 +15080,13 @@ spec: anyOf: - type: integer - type: string - description: |- - Number or name of the port to access on the container. - Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. + description: 'Number or name of + the port to access on the container. + + Number must be in the range 1 + to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true required: - port @@ -11312,31 +15094,47 @@ spec: type: object type: object livenessProbe: - description: |- - Periodic probe of container liveness. + description: 'Periodic probe of container liveness. + Container will be restarted if the probe fails. + Cannot be updated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' properties: exec: description: Exec specifies the action to take. properties: command: - description: |- - Command is the command line to execute inside the container, the working directory for the - command is root ('/') in the container's filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use - a shell, you need to explicitly call out to that shell. - Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + description: 'Command is the command + line to execute inside the container, + the working directory for the + + command is root (''/'') in the container''s + filesystem. The command is simply + exec''d, it is + + not run inside a shell, so traditional + shell instructions (''|'', etc) won''t + work. To use + + a shell, you need to explicitly call + out to that shell. + + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy.' items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: - description: |- - Minimum consecutive failures for the probe to be considered failed after having succeeded. - Defaults to 3. Minimum value is 1. + description: 'Minimum consecutive failures + for the probe to be considered failed + after having succeeded. + + Defaults to 3. Minimum value is 1.' format: int32 type: integer grpc: @@ -11350,12 +15148,15 @@ spec: format: int32 type: integer service: - description: |- - Service is the name of the service to place in the gRPC HealthCheckRequest + description: 'Service is the name of + the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. + + If this is not specified, the default + behavior is defined by gRPC.' type: string required: - port @@ -11365,9 +15166,11 @@ spec: request to perform. properties: host: - description: |- - Host name to connect to, defaults to the pod IP. You probably want to set - "Host" in httpHeaders instead. + description: 'Host name to connect to, + defaults to the pod IP. You probably + want to set + + "Host" in httpHeaders instead.' type: string httpHeaders: description: Custom headers to set in @@ -11379,9 +15182,13 @@ spec: probes properties: name: - description: |- - The header field name. - This will be canonicalized upon output, so case-variant names will be understood as the same header. + description: 'The header field + name. + + This will be canonicalized upon + output, so case-variant names + will be understood as the same + header.' type: string value: description: The header field @@ -11392,6 +15199,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. @@ -11400,35 +15208,45 @@ spec: anyOf: - type: integer - type: string - description: |- - Name or number of the port to access on the container. + description: 'Name or number of the + port to access on the container. + Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true scheme: - description: |- - Scheme to use for connecting to the host. - Defaults to HTTP. + description: 'Scheme to use for connecting + to the host. + + Defaults to HTTP.' type: string required: - port type: object initialDelaySeconds: - description: |- - Number of seconds after the container has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + description: 'Number of seconds after the + container has started before liveness + probes are initiated. + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer periodSeconds: - description: |- - How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. + description: 'How often (in seconds) to + perform the probe. + + Default to 10 seconds. Minimum value is + 1.' format: int32 type: integer successThreshold: - description: |- - Minimum consecutive successes for the probe to be considered successful after having failed. - Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + description: 'Minimum consecutive successes + for the probe to be considered successful + after having failed. + + Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1.' format: int32 type: integer tcpSocket: @@ -11443,59 +15261,100 @@ spec: anyOf: - type: integer - type: string - description: |- - Number or name of the port to access on the container. + description: 'Number or name of the + port to access on the container. + Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: |- - Optional duration in seconds the pod needs to terminate gracefully upon probe failure. - The grace period is the duration in seconds after the processes running in the pod are sent - a termination signal and the time when the processes are forcibly halted with a kill signal. - Set this value longer than the expected cleanup time for your process. - If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this - value overrides the value provided by the pod spec. - Value must be non-negative integer. The value zero indicates stop immediately via - the kill signal (no opportunity to shut down). - This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. - Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + description: 'Optional duration in seconds + the pod needs to terminate gracefully + upon probe failure. + + The grace period is the duration in seconds + after the processes running in the pod + are sent + + a termination signal and the time when + the processes are forcibly halted with + a kill signal. + + Set this value longer than the expected + cleanup time for your process. + + If this value is nil, the pod''s terminationGracePeriodSeconds + will be used. Otherwise, this + + value overrides the value provided by + the pod spec. + + Value must be non-negative integer. The + value zero indicates stop immediately + via + + the kill signal (no opportunity to shut + down). + + This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. + + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset.' format: int64 type: integer timeoutSeconds: - description: |- - Number of seconds after which the probe times out. - Defaults to 1 second. Minimum value is 1. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + description: 'Number of seconds after which + the probe times out. + + Defaults to 1 second. Minimum value is + 1. + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer type: object name: - description: |- - Name of the container specified as a DNS_LABEL. - Each container in a pod must have a unique name (DNS_LABEL). - Cannot be updated. + description: 'Name of the container specified + as a DNS_LABEL. + + Each container in a pod must have a unique + name (DNS_LABEL). + + Cannot be updated.' type: string ports: - description: |- - List of ports to expose from the container. Not specifying a port here - DOES NOT prevent that port from being exposed. Any port which is - listening on the default "0.0.0.0" address inside a container will be + description: 'List of ports to expose from the + container. Not specifying a port here + + DOES NOT prevent that port from being exposed. + Any port which is + + listening on the default "0.0.0.0" address + inside a container will be + accessible from the network. - Modifying this array with strategic merge patch may corrupt the data. + + Modifying this array with strategic merge + patch may corrupt the data. + For more information See https://github.com/kubernetes/kubernetes/issues/108255. - Cannot be updated. + + Cannot be updated.' items: description: ContainerPort represents a network port in a single container. properties: containerPort: - description: |- - Number of port to expose on the pod's IP address. - This must be a valid port number, 0 < x < 65536. + description: 'Number of port to expose + on the pod''s IP address. + + This must be a valid port number, 0 + < x < 65536.' format: int32 type: integer hostIP: @@ -11503,24 +15362,34 @@ spec: external port to. type: string hostPort: - description: |- - Number of port to expose on the host. - If specified, this must be a valid port number, 0 < x < 65536. - If HostNetwork is specified, this must match ContainerPort. - Most containers do not need this. + description: 'Number of port to expose + on the host. + + If specified, this must be a valid port + number, 0 < x < 65536. + + If HostNetwork is specified, this must + match ContainerPort. + + Most containers do not need this.' format: int32 type: integer name: - description: |- - If specified, this must be an IANA_SVC_NAME and unique within the pod. Each - named port in a pod must have a unique name. Name for the port that can be - referred to by services. + description: 'If specified, this must + be an IANA_SVC_NAME and unique within + the pod. Each + + named port in a pod must have a unique + name. Name for the port that can be + + referred to by services.' type: string protocol: default: TCP - description: |- - Protocol for port. Must be UDP, TCP, or SCTP. - Defaults to "TCP". + description: 'Protocol for port. Must + be UDP, TCP, or SCTP. + + Defaults to "TCP".' type: string required: - containerPort @@ -11531,31 +15400,49 @@ spec: - protocol x-kubernetes-list-type: map readinessProbe: - description: |- - Periodic probe of container service readiness. - Container will be removed from service endpoints if the probe fails. + description: 'Periodic probe of container service + readiness. + + Container will be removed from service endpoints + if the probe fails. + Cannot be updated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' properties: exec: description: Exec specifies the action to take. properties: command: - description: |- - Command is the command line to execute inside the container, the working directory for the - command is root ('/') in the container's filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use - a shell, you need to explicitly call out to that shell. - Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + description: 'Command is the command + line to execute inside the container, + the working directory for the + + command is root (''/'') in the container''s + filesystem. The command is simply + exec''d, it is + + not run inside a shell, so traditional + shell instructions (''|'', etc) won''t + work. To use + + a shell, you need to explicitly call + out to that shell. + + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy.' items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: - description: |- - Minimum consecutive failures for the probe to be considered failed after having succeeded. - Defaults to 3. Minimum value is 1. + description: 'Minimum consecutive failures + for the probe to be considered failed + after having succeeded. + + Defaults to 3. Minimum value is 1.' format: int32 type: integer grpc: @@ -11569,12 +15456,15 @@ spec: format: int32 type: integer service: - description: |- - Service is the name of the service to place in the gRPC HealthCheckRequest + description: 'Service is the name of + the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. + + If this is not specified, the default + behavior is defined by gRPC.' type: string required: - port @@ -11584,9 +15474,11 @@ spec: request to perform. properties: host: - description: |- - Host name to connect to, defaults to the pod IP. You probably want to set - "Host" in httpHeaders instead. + description: 'Host name to connect to, + defaults to the pod IP. You probably + want to set + + "Host" in httpHeaders instead.' type: string httpHeaders: description: Custom headers to set in @@ -11598,9 +15490,13 @@ spec: probes properties: name: - description: |- - The header field name. - This will be canonicalized upon output, so case-variant names will be understood as the same header. + description: 'The header field + name. + + This will be canonicalized upon + output, so case-variant names + will be understood as the same + header.' type: string value: description: The header field @@ -11611,6 +15507,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. @@ -11619,35 +15516,45 @@ spec: anyOf: - type: integer - type: string - description: |- - Name or number of the port to access on the container. + description: 'Name or number of the + port to access on the container. + Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true scheme: - description: |- - Scheme to use for connecting to the host. - Defaults to HTTP. + description: 'Scheme to use for connecting + to the host. + + Defaults to HTTP.' type: string required: - port type: object initialDelaySeconds: - description: |- - Number of seconds after the container has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + description: 'Number of seconds after the + container has started before liveness + probes are initiated. + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer periodSeconds: - description: |- - How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. + description: 'How often (in seconds) to + perform the probe. + + Default to 10 seconds. Minimum value is + 1.' format: int32 type: integer successThreshold: - description: |- - Minimum consecutive successes for the probe to be considered successful after having failed. - Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + description: 'Minimum consecutive successes + for the probe to be considered successful + after having failed. + + Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1.' format: int32 type: integer tcpSocket: @@ -11662,33 +15569,60 @@ spec: anyOf: - type: integer - type: string - description: |- - Number or name of the port to access on the container. + description: 'Number or name of the + port to access on the container. + Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: |- - Optional duration in seconds the pod needs to terminate gracefully upon probe failure. - The grace period is the duration in seconds after the processes running in the pod are sent - a termination signal and the time when the processes are forcibly halted with a kill signal. - Set this value longer than the expected cleanup time for your process. - If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this - value overrides the value provided by the pod spec. - Value must be non-negative integer. The value zero indicates stop immediately via - the kill signal (no opportunity to shut down). - This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. - Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + description: 'Optional duration in seconds + the pod needs to terminate gracefully + upon probe failure. + + The grace period is the duration in seconds + after the processes running in the pod + are sent + + a termination signal and the time when + the processes are forcibly halted with + a kill signal. + + Set this value longer than the expected + cleanup time for your process. + + If this value is nil, the pod''s terminationGracePeriodSeconds + will be used. Otherwise, this + + value overrides the value provided by + the pod spec. + + Value must be non-negative integer. The + value zero indicates stop immediately + via + + the kill signal (no opportunity to shut + down). + + This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. + + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset.' format: int64 type: integer timeoutSeconds: - description: |- - Number of seconds after which the probe times out. - Defaults to 1 second. Minimum value is 1. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + description: 'Number of seconds after which + the probe times out. + + Defaults to 1 second. Minimum value is + 1. + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer type: object @@ -11700,14 +15634,16 @@ spec: resource resize policy for the container. properties: resourceName: - description: |- - Name of the resource to which this resource resize policy applies. - Supported values: cpu, memory. + description: 'Name of the resource to + which this resource resize policy applies. + + Supported values: cpu, memory.' type: string restartPolicy: - description: |- - Restart policy to apply when specified resource is resized. - If not specified, it defaults to NotRequired. + description: 'Restart policy to apply + when specified resource is resized. + + If not specified, it defaults to NotRequired.' type: string required: - resourceName @@ -11716,31 +15652,43 @@ spec: type: array x-kubernetes-list-type: atomic resources: - description: |- - Compute Resources required by this container. + description: 'Compute Resources required by + this container. + Cannot be updated. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' properties: claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, + description: 'Claims lists the names of + resources, defined in spec.resourceClaims, + that are used by this container. - This is an alpha field and requires enabling the + + This is an alpha field and requires enabling + the + DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. + + This field is immutable. It can only be + set for containers.' items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. + description: 'Name must match the + name of one entry in pod.spec.resourceClaims + of + + the Pod where this field is used. + It makes that resource available + + inside a container.' type: string required: - name @@ -11756,9 +15704,10 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + description: 'Limits describes the maximum + amount of compute resources allowed. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -11767,52 +15716,139 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + description: 'Requests describes the minimum + amount of compute resources required. + + If Requests is omitted for a container, + it defaults to Limits if that is explicitly + specified, + + otherwise to an implementation-defined + value. Requests cannot exceed Limits. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object restartPolicy: - description: |- - RestartPolicy defines the restart behavior of individual containers in a pod. - This field may only be set for init containers, and the only allowed value is "Always". - For non-init containers or when this field is not specified, - the restart behavior is defined by the Pod's restart policy and the container type. - Setting the RestartPolicy as "Always" for the init container will have the following effect: - this init container will be continually restarted on - exit until all regular containers have terminated. Once all regular - containers have completed, all init containers with restartPolicy "Always" - will be shut down. This lifecycle differs from normal init containers and - is often referred to as a "sidecar" container. Although this init - container still starts in the init container sequence, it does not wait - for the container to complete before proceeding to the next init - container. Instead, the next init container starts immediately after this - init container is started, or after any startupProbe has successfully - completed. + description: 'RestartPolicy defines the restart + behavior of individual containers in a pod. + + This field may only be set for init containers, + and the only allowed value is "Always". + + For non-init containers or when this field + is not specified, + + the restart behavior is defined by the Pod''s + restart policy and the container type. + + Setting the RestartPolicy as "Always" for + the init container will have the following + effect: + + this init container will be continually restarted + on + + exit until all regular containers have terminated. + Once all regular + + containers have completed, all init containers + with restartPolicy "Always" + + will be shut down. This lifecycle differs + from normal init containers and + + is often referred to as a "sidecar" container. + Although this init + + container still starts in the init container + sequence, it does not wait + + for the container to complete before proceeding + to the next init + + container. Instead, the next init container + starts immediately after this + + init container is started, or after any startupProbe + has successfully + + completed.' type: string securityContext: - description: |- - SecurityContext defines the security options the container should be run with. - If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. - More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + description: 'SecurityContext defines the security + options the container should be run with. + + If set, the fields of SecurityContext override + the equivalent fields of PodSecurityContext. + + More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' properties: allowPrivilegeEscalation: - description: |- - AllowPrivilegeEscalation controls whether a process can gain more - privileges than its parent process. This bool directly controls if - the no_new_privs flag will be set on the container process. - AllowPrivilegeEscalation is true always when the container is: + description: 'AllowPrivilegeEscalation controls + whether a process can gain more + + privileges than its parent process. This + bool directly controls if + + the no_new_privs flag will be set on the + container process. + + AllowPrivilegeEscalation is true always + when the container is: + 1) run as Privileged + 2) has CAP_SYS_ADMIN - Note that this field cannot be set when spec.os.name is windows. + + Note that this field cannot be set when + spec.os.name is windows.' type: boolean + appArmorProfile: + description: 'appArmorProfile is the AppArmor + options to use by this container. If set, + this profile + + overrides the pod''s appArmorProfile. + + Note that this field cannot be set when + spec.os.name is windows.' + properties: + localhostProfile: + description: 'localhostProfile indicates + a profile loaded on the node that + should be used. + + The profile must be preconfigured + on the node to work. + + Must match the loaded name of the + profile. + + Must be set if and only if type is + "Localhost".' + type: string + type: + description: "type indicates which kind\ + \ of AppArmor profile will be applied.\n\ + Valid options are:\n Localhost -\ + \ a profile pre-loaded on the node.\n\ + \ RuntimeDefault - the container\ + \ runtime's default profile.\n Unconfined\ + \ - no AppArmor enforcement." + type: string + required: + - type + type: object capabilities: - description: |- - The capabilities to add/drop when running containers. - Defaults to the default set of capabilities granted by the container runtime. - Note that this field cannot be set when spec.os.name is windows. + description: 'The capabilities to add/drop + when running containers. + + Defaults to the default set of capabilities + granted by the container runtime. + + Note that this field cannot be set when + spec.os.name is windows.' properties: add: description: Added capabilities @@ -11821,6 +15857,7 @@ spec: POSIX capabilities type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -11828,62 +15865,113 @@ spec: POSIX capabilities type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: - description: |- - Run container in privileged mode. - Processes in privileged containers are essentially equivalent to root on the host. + description: 'Run container in privileged + mode. + + Processes in privileged containers are + essentially equivalent to root on the + host. + Defaults to false. - Note that this field cannot be set when spec.os.name is windows. + + Note that this field cannot be set when + spec.os.name is windows.' type: boolean procMount: - description: |- - procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + description: 'procMount denotes the type + of proc mount to use for the containers. + + The default is DefaultProcMount which + uses the container runtime defaults for + readonly paths and masked paths. - This requires the ProcMountType feature flag to be enabled. - Note that this field cannot be set when spec.os.name is windows. + + This requires the ProcMountType feature + flag to be enabled. + + Note that this field cannot be set when + spec.os.name is windows.' type: string readOnlyRootFilesystem: - description: |- - Whether this container has a read-only root filesystem. + description: 'Whether this container has + a read-only root filesystem. + Default is false. - Note that this field cannot be set when spec.os.name is windows. + + Note that this field cannot be set when + spec.os.name is windows.' type: boolean runAsGroup: - description: |- - The GID to run the entrypoint of the container process. + description: 'The GID to run the entrypoint + of the container process. + Uses runtime default if unset. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. + + May also be set in PodSecurityContext. If + set in both SecurityContext and + + PodSecurityContext, the value specified + in SecurityContext takes precedence. + + Note that this field cannot be set when + spec.os.name is windows.' format: int64 type: integer runAsNonRoot: - description: |- - Indicates that the container must run as a non-root user. - If true, the Kubelet will validate the image at runtime to ensure that it - does not run as UID 0 (root) and fail to start the container if it does. - If unset or false, no such validation will be performed. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. + description: 'Indicates that the container + must run as a non-root user. + + If true, the Kubelet will validate the + image at runtime to ensure that it + + does not run as UID 0 (root) and fail + to start the container if it does. + + If unset or false, no such validation + will be performed. + + May also be set in PodSecurityContext. If + set in both SecurityContext and + + PodSecurityContext, the value specified + in SecurityContext takes precedence.' type: boolean runAsUser: - description: |- - The UID to run the entrypoint of the container process. - Defaults to user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. + description: 'The UID to run the entrypoint + of the container process. + + Defaults to user specified in image metadata + if unspecified. + + May also be set in PodSecurityContext. If + set in both SecurityContext and + + PodSecurityContext, the value specified + in SecurityContext takes precedence. + + Note that this field cannot be set when + spec.os.name is windows.' format: int64 type: integer seLinuxOptions: - description: |- - The SELinux context to be applied to the container. - If unspecified, the container runtime will allocate a random SELinux context for each - container. May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. + description: 'The SELinux context to be + applied to the container. + + If unspecified, the container runtime + will allocate a random SELinux context + for each + + container. May also be set in PodSecurityContext. If + set in both SecurityContext and + + PodSecurityContext, the value specified + in SecurityContext takes precedence. + + Note that this field cannot be set when + spec.os.name is windows.' properties: level: description: Level is SELinux level @@ -11903,44 +15991,76 @@ spec: type: string type: object seccompProfile: - description: |- - The seccomp options to use by this container. If seccomp options are - provided at both the pod & container level, the container options + description: 'The seccomp options to use + by this container. If seccomp options + are + + provided at both the pod & container level, + the container options + override the pod options. - Note that this field cannot be set when spec.os.name is windows. + + Note that this field cannot be set when + spec.os.name is windows.' properties: localhostProfile: - description: |- - localhostProfile indicates a profile defined in a file on the node should be used. - The profile must be preconfigured on the node to work. - Must be a descending path, relative to the kubelet's configured seccomp profile location. - Must be set if type is "Localhost". Must NOT be set for any other type. + description: 'localhostProfile indicates + a profile defined in a file on the + node should be used. + + The profile must be preconfigured + on the node to work. + + Must be a descending path, relative + to the kubelet''s configured seccomp + profile location. + + Must be set if type is "Localhost". + Must NOT be set for any other type.' type: string type: - description: |- - type indicates which kind of seccomp profile will be applied. + description: 'type indicates which kind + of seccomp profile will be applied. + Valid options are: - Localhost - a profile defined in a file on the node should be used. - RuntimeDefault - the container runtime default profile should be used. - Unconfined - no profile should be applied. + + Localhost - a profile defined in a + file on the node should be used. + + RuntimeDefault - the container runtime + default profile should be used. + + Unconfined - no profile should be + applied.' type: string required: - type type: object windowsOptions: - description: |- - The Windows specific settings applied to all containers. - If unspecified, the options from the PodSecurityContext will be used. - If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is linux. + description: 'The Windows specific settings + applied to all containers. + + If unspecified, the options from the PodSecurityContext + will be used. + + If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext + takes precedence. + + Note that this field cannot be set when + spec.os.name is linux.' properties: gmsaCredentialSpec: - description: |- - GMSACredentialSpec is where the GMSA admission webhook - (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the - GMSA credential spec named by the GMSACredentialSpecName field. + description: 'GMSACredentialSpec is + where the GMSA admission webhook + + (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the + + GMSA credential spec named by the + GMSACredentialSpecName field.' type: string gmsaCredentialSpecName: description: GMSACredentialSpecName @@ -11948,50 +16068,91 @@ spec: spec to use. type: string hostProcess: - description: |- - HostProcess determines if a container should be run as a 'Host Process' container. - All of a Pod's containers must have the same effective HostProcess value - (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). - In addition, if HostProcess is true then HostNetwork must also be set to true. + description: 'HostProcess determines + if a container should be run as a + ''Host Process'' container. + + All of a Pod''s containers must have + the same effective HostProcess value + + (it is not allowed to have a mix of + HostProcess containers and non-HostProcess + containers). + + In addition, if HostProcess is true + then HostNetwork must also be set + to true.' type: boolean runAsUserName: - description: |- - The UserName in Windows to run the entrypoint of the container process. - Defaults to the user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. + description: 'The UserName in Windows + to run the entrypoint of the container + process. + + Defaults to the user specified in + image metadata if unspecified. + + May also be set in PodSecurityContext. + If set in both SecurityContext and + + PodSecurityContext, the value specified + in SecurityContext takes precedence.' type: string type: object type: object startupProbe: - description: |- - StartupProbe indicates that the Pod has successfully initialized. - If specified, no other probes are executed until this completes successfully. - If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. - This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, - when it might take a long time to load data or warm a cache, than during steady-state operation. + description: 'StartupProbe indicates that the + Pod has successfully initialized. + + If specified, no other probes are executed + until this completes successfully. + + If this probe fails, the Pod will be restarted, + just as if the livenessProbe failed. + + This can be used to provide different probe + parameters at the beginning of a Pod''s lifecycle, + + when it might take a long time to load data + or warm a cache, than during steady-state + operation. + This cannot be updated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' properties: exec: description: Exec specifies the action to take. properties: command: - description: |- - Command is the command line to execute inside the container, the working directory for the - command is root ('/') in the container's filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use - a shell, you need to explicitly call out to that shell. - Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + description: 'Command is the command + line to execute inside the container, + the working directory for the + + command is root (''/'') in the container''s + filesystem. The command is simply + exec''d, it is + + not run inside a shell, so traditional + shell instructions (''|'', etc) won''t + work. To use + + a shell, you need to explicitly call + out to that shell. + + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy.' items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: - description: |- - Minimum consecutive failures for the probe to be considered failed after having succeeded. - Defaults to 3. Minimum value is 1. + description: 'Minimum consecutive failures + for the probe to be considered failed + after having succeeded. + + Defaults to 3. Minimum value is 1.' format: int32 type: integer grpc: @@ -12005,12 +16166,15 @@ spec: format: int32 type: integer service: - description: |- - Service is the name of the service to place in the gRPC HealthCheckRequest + description: 'Service is the name of + the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. + + If this is not specified, the default + behavior is defined by gRPC.' type: string required: - port @@ -12020,9 +16184,11 @@ spec: request to perform. properties: host: - description: |- - Host name to connect to, defaults to the pod IP. You probably want to set - "Host" in httpHeaders instead. + description: 'Host name to connect to, + defaults to the pod IP. You probably + want to set + + "Host" in httpHeaders instead.' type: string httpHeaders: description: Custom headers to set in @@ -12034,9 +16200,13 @@ spec: probes properties: name: - description: |- - The header field name. - This will be canonicalized upon output, so case-variant names will be understood as the same header. + description: 'The header field + name. + + This will be canonicalized upon + output, so case-variant names + will be understood as the same + header.' type: string value: description: The header field @@ -12047,6 +16217,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. @@ -12055,35 +16226,45 @@ spec: anyOf: - type: integer - type: string - description: |- - Name or number of the port to access on the container. + description: 'Name or number of the + port to access on the container. + Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true scheme: - description: |- - Scheme to use for connecting to the host. - Defaults to HTTP. + description: 'Scheme to use for connecting + to the host. + + Defaults to HTTP.' type: string required: - port type: object initialDelaySeconds: - description: |- - Number of seconds after the container has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + description: 'Number of seconds after the + container has started before liveness + probes are initiated. + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer periodSeconds: - description: |- - How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. + description: 'How often (in seconds) to + perform the probe. + + Default to 10 seconds. Minimum value is + 1.' format: int32 type: integer successThreshold: - description: |- - Minimum consecutive successes for the probe to be considered successful after having failed. - Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + description: 'Minimum consecutive successes + for the probe to be considered successful + after having failed. + + Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1.' format: int32 type: integer tcpSocket: @@ -12098,76 +16279,143 @@ spec: anyOf: - type: integer - type: string - description: |- - Number or name of the port to access on the container. + description: 'Number or name of the + port to access on the container. + Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: |- - Optional duration in seconds the pod needs to terminate gracefully upon probe failure. - The grace period is the duration in seconds after the processes running in the pod are sent - a termination signal and the time when the processes are forcibly halted with a kill signal. - Set this value longer than the expected cleanup time for your process. - If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this - value overrides the value provided by the pod spec. - Value must be non-negative integer. The value zero indicates stop immediately via - the kill signal (no opportunity to shut down). - This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. - Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + description: 'Optional duration in seconds + the pod needs to terminate gracefully + upon probe failure. + + The grace period is the duration in seconds + after the processes running in the pod + are sent + + a termination signal and the time when + the processes are forcibly halted with + a kill signal. + + Set this value longer than the expected + cleanup time for your process. + + If this value is nil, the pod''s terminationGracePeriodSeconds + will be used. Otherwise, this + + value overrides the value provided by + the pod spec. + + Value must be non-negative integer. The + value zero indicates stop immediately + via + + the kill signal (no opportunity to shut + down). + + This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. + + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset.' format: int64 type: integer timeoutSeconds: - description: |- - Number of seconds after which the probe times out. - Defaults to 1 second. Minimum value is 1. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + description: 'Number of seconds after which + the probe times out. + + Defaults to 1 second. Minimum value is + 1. + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer type: object stdin: - description: |- - Whether this container should allocate a buffer for stdin in the container runtime. If this - is not set, reads from stdin in the container will always result in EOF. - Default is false. + description: 'Whether this container should + allocate a buffer for stdin in the container + runtime. If this + + is not set, reads from stdin in the container + will always result in EOF. + + Default is false.' type: boolean stdinOnce: - description: |- - Whether the container runtime should close the stdin channel after it has been opened by - a single attach. When stdin is true the stdin stream will remain open across multiple attach - sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the - first client attaches to stdin, and then remains open and accepts data until the client disconnects, - at which time stdin is closed and remains closed until the container is restarted. If this - flag is false, a container processes that reads from stdin will never receive an EOF. - Default is false + description: 'Whether the container runtime + should close the stdin channel after it has + been opened by + + a single attach. When stdin is true the stdin + stream will remain open across multiple attach + + sessions. If stdinOnce is set to true, stdin + is opened on container start, is empty until + the + + first client attaches to stdin, and then remains + open and accepts data until the client disconnects, + + at which time stdin is closed and remains + closed until the container is restarted. If + this + + flag is false, a container processes that + reads from stdin will never receive an EOF. + + Default is false' type: boolean terminationMessagePath: - description: |- - Optional: Path at which the file to which the container's termination message - will be written is mounted into the container's filesystem. - Message written is intended to be brief final status, such as an assertion failure message. - Will be truncated by the node if greater than 4096 bytes. The total message length across + description: 'Optional: Path at which the file + to which the container''s termination message + + will be written is mounted into the container''s + filesystem. + + Message written is intended to be brief final + status, such as an assertion failure message. + + Will be truncated by the node if greater than + 4096 bytes. The total message length across + all containers will be limited to 12kb. + Defaults to /dev/termination-log. - Cannot be updated. + + Cannot be updated.' type: string terminationMessagePolicy: - description: |- - Indicate how the termination message should be populated. File will use the contents of - terminationMessagePath to populate the container status message on both success and failure. - FallbackToLogsOnError will use the last chunk of container log output if the termination - message file is empty and the container exited with an error. - The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + description: 'Indicate how the termination message + should be populated. File will use the contents + of + + terminationMessagePath to populate the container + status message on both success and failure. + + FallbackToLogsOnError will use the last chunk + of container log output if the termination + + message file is empty and the container exited + with an error. + + The log output is limited to 2048 bytes or + 80 lines, whichever is smaller. + Defaults to File. - Cannot be updated. + + Cannot be updated.' type: string tty: - description: |- - Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. - Default is false. + description: 'Whether this container should + allocate a TTY for itself, also requires ''stdin'' + to be true. + + Default is false.' type: boolean volumeDevices: description: volumeDevices is the list of block @@ -12190,83 +16438,174 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: - description: |- - Pod volumes to mount into the container's filesystem. - Cannot be updated. + description: 'Pod volumes to mount into the + container''s filesystem. + + Cannot be updated.' items: description: VolumeMount describes a mounting of a Volume within a container. properties: mountPath: - description: |- - Path within the container at which the volume should be mounted. Must - not contain ':'. + description: 'Path within the container + at which the volume should be mounted. Must + + not contain '':''.' type: string mountPropagation: - description: |- - mountPropagation determines how mounts are propagated from the host + description: 'mountPropagation determines + how mounts are propagated from the host + to container and the other way around. - When not set, MountPropagationNone is used. + + When not set, MountPropagationNone is + used. + This field is beta in 1.10. + + When RecursiveReadOnly is set to IfPossible + or to Enabled, MountPropagation must + be None or unspecified + + (which defaults to None).' type: string name: description: This must match the Name of a Volume. type: string readOnly: - description: |- - Mounted read-only if true, read-write otherwise (false or unspecified). - Defaults to false. + description: 'Mounted read-only if true, + read-write otherwise (false or unspecified). + + Defaults to false.' type: boolean + recursiveReadOnly: + description: 'RecursiveReadOnly specifies + whether read-only mounts should be handled + + recursively. + + + + If ReadOnly is false, this field has + no meaning and must be unspecified. + + + + If ReadOnly is true, and this field + is set to Disabled, the mount is not + made + + recursively read-only. If this field + is set to IfPossible, the mount is made + + recursively read-only, if it is supported + by the container runtime. If this + + field is set to Enabled, the mount is + made recursively read-only if it is + + supported by the container runtime, + otherwise the pod will not be started + and + + an error will be generated to indicate + the reason. + + + + If this field is set to IfPossible or + Enabled, MountPropagation must be set + to + + None (or be unspecified, which defaults + to None). + + + + If this field is not specified, it is + treated as an equivalent of Disabled.' + type: string subPath: - description: |- - Path within the volume from which the container's volume should be mounted. - Defaults to "" (volume's root). + description: 'Path within the volume from + which the container''s volume should + be mounted. + + Defaults to "" (volume''s root).' type: string subPathExpr: - description: |- - Expanded path within the volume from which the container's volume should be mounted. - Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. - Defaults to "" (volume's root). - SubPathExpr and SubPath are mutually exclusive. + description: 'Expanded path within the + volume from which the container''s volume + should be mounted. + + Behaves similarly to SubPath but environment + variable references $(VAR_NAME) are + expanded using the container''s environment. + + Defaults to "" (volume''s root). + + SubPathExpr and SubPath are mutually + exclusive.' type: string required: - mountPath - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: - description: |- - Container's working directory. - If not specified, the container runtime's default will be used, which + description: 'Container''s working directory. + + If not specified, the container runtime''s + default will be used, which + might be configured in the container image. - Cannot be updated. + + Cannot be updated.' type: string required: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map dnsConfig: - description: |- - Specifies the DNS parameters of a pod. - Parameters specified here will be merged to the generated DNS - configuration based on DNSPolicy. + description: 'Specifies the DNS parameters of a pod. + + Parameters specified here will be merged to the + generated DNS + + configuration based on DNSPolicy.' properties: nameservers: - description: |- - A list of DNS name server IP addresses. - This will be appended to the base nameservers generated from DNSPolicy. - Duplicated nameservers will be removed. + description: 'A list of DNS name server IP addresses. + + This will be appended to the base nameservers + generated from DNSPolicy. + + Duplicated nameservers will be removed.' items: type: string type: array + x-kubernetes-list-type: atomic options: - description: |- - A list of DNS resolver options. - This will be merged with the base options generated from DNSPolicy. - Duplicated entries will be removed. Resolution options given in Options - will override those that appear in the base DNSPolicy. + description: 'A list of DNS resolver options. + + This will be merged with the base options generated + from DNSPolicy. + + Duplicated entries will be removed. Resolution + options given in Options + + will override those that appear in the base + DNSPolicy.' items: description: PodDNSConfigOption defines DNS resolver options of a pod. @@ -12278,78 +16617,142 @@ spec: type: string type: object type: array + x-kubernetes-list-type: atomic searches: - description: |- - A list of DNS search domains for host-name lookup. - This will be appended to the base search paths generated from DNSPolicy. - Duplicated search paths will be removed. + description: 'A list of DNS search domains for + host-name lookup. + + This will be appended to the base search paths + generated from DNSPolicy. + + Duplicated search paths will be removed.' items: type: string type: array + x-kubernetes-list-type: atomic type: object dnsPolicy: - description: |- - Set DNS policy for the pod. + description: 'Set DNS policy for the pod. + Defaults to "ClusterFirst". - Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. - DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy. - To have DNS options set along with hostNetwork, you have to specify DNS policy - explicitly to 'ClusterFirstWithHostNet'. + + Valid values are ''ClusterFirstWithHostNet'', ''ClusterFirst'', + ''Default'' or ''None''. + + DNS parameters given in DNSConfig will be merged + with the policy selected with DNSPolicy. + + To have DNS options set along with hostNetwork, + you have to specify DNS policy + + explicitly to ''ClusterFirstWithHostNet''.' type: string enableServiceLinks: - description: |- - EnableServiceLinks indicates whether information about services should be injected into pod's - environment variables, matching the syntax of Docker links. - Optional: Defaults to true. + description: 'EnableServiceLinks indicates whether + information about services should be injected into + pod''s + + environment variables, matching the syntax of Docker + links. + + Optional: Defaults to true.' type: boolean ephemeralContainers: - description: |- - List of ephemeral containers run in this pod. Ephemeral containers may be run in an existing - pod to perform user-initiated actions such as debugging. This list cannot be specified when - creating a pod, and it cannot be modified by updating the pod spec. In order to add an - ephemeral container to an existing pod, use the pod's ephemeralcontainers subresource. + description: 'List of ephemeral containers run in + this pod. Ephemeral containers may be run in an + existing + + pod to perform user-initiated actions such as debugging. + This list cannot be specified when + + creating a pod, and it cannot be modified by updating + the pod spec. In order to add an + + ephemeral container to an existing pod, use the + pod''s ephemeralcontainers subresource.' items: - description: |- - An EphemeralContainer is a temporary container that you may add to an existing Pod for - user-initiated activities such as debugging. Ephemeral containers have no resource or - scheduling guarantees, and they will not be restarted when they exit or when a Pod is - removed or restarted. The kubelet may evict a Pod if an ephemeral container causes the + description: 'An EphemeralContainer is a temporary + container that you may add to an existing Pod + for + + user-initiated activities such as debugging. Ephemeral + containers have no resource or + + scheduling guarantees, and they will not be restarted + when they exit or when a Pod is + + removed or restarted. The kubelet may evict a + Pod if an ephemeral container causes the + Pod to exceed its resource allocation. - To add an ephemeral container, use the ephemeralcontainers subresource of an existing - Pod. Ephemeral containers may not be removed or restarted. + + To add an ephemeral container, use the ephemeralcontainers + subresource of an existing + + Pod. Ephemeral containers may not be removed or + restarted.' properties: args: - description: |- - Arguments to the entrypoint. - The image's CMD is used if this is not provided. - Variable references $(VAR_NAME) are expanded using the container's environment. If a variable - cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will - produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless - of whether the variable exists or not. Cannot be updated. - More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + description: 'Arguments to the entrypoint. + + The image''s CMD is used if this is not provided. + + Variable references $(VAR_NAME) are expanded + using the container''s environment. If a variable + + cannot be resolved, the reference in the input + string will be unchanged. Double $$ are reduced + + to a single $, which allows for escaping the + $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + + produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, + regardless + + of whether the variable exists or not. Cannot + be updated. + + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' items: type: string type: array + x-kubernetes-list-type: atomic command: - description: |- - Entrypoint array. Not executed within a shell. - The image's ENTRYPOINT is used if this is not provided. - Variable references $(VAR_NAME) are expanded using the container's environment. If a variable - cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will - produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless - of whether the variable exists or not. Cannot be updated. - More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell - items: - type: string - type: array - env: - description: |- - List of environment variables to set in the container. - Cannot be updated. + description: 'Entrypoint array. Not executed + within a shell. + + The image''s ENTRYPOINT is used if this is + not provided. + + Variable references $(VAR_NAME) are expanded + using the container''s environment. If a variable + + cannot be resolved, the reference in the input + string will be unchanged. Double $$ are reduced + + to a single $, which allows for escaping the + $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + + produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, + regardless + + of whether the variable exists or not. Cannot + be updated. + + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + x-kubernetes-list-type: atomic + env: + description: 'List of environment variables + to set in the container. + + Cannot be updated.' items: description: EnvVar represents an environment variable present in a Container. @@ -12359,16 +16762,30 @@ spec: Must be a C_IDENTIFIER. type: string value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable + description: 'Variable references $(VAR_NAME) + are expanded + + using the previously defined environment + variables in the container and + + any service environment variables. If + a variable cannot be resolved, + + the reference in the input string will + be unchanged. Double $$ are reduced + + to a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. + + "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". + + Escaped references will never be expanded, + regardless of whether the variable + exists or not. - Defaults to "". + + Defaults to "".' type: string valueFrom: description: Source for the environment @@ -12382,10 +16799,12 @@ spec: description: The key to select. type: string name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. + apiVersion, kind, uid?' type: string optional: description: Specify whether the @@ -12397,9 +16816,12 @@ spec: type: object x-kubernetes-map-type: atomic fieldRef: - description: |- - Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + description: 'Selects a field of the + pod: supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' properties: apiVersion: description: Version of the schema @@ -12416,9 +16838,14 @@ spec: type: object x-kubernetes-map-type: atomic resourceFieldRef: - description: |- - Selects a resource of the container: only resources limits and requests - (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + description: 'Selects a resource of + the container: only resources limits + and requests + + (limits.cpu, limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and + requests.ephemeral-storage) are + currently supported.' properties: containerName: description: 'Container name: @@ -12452,10 +16879,12 @@ spec: secret key. type: string name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. + apiVersion, kind, uid?' type: string optional: description: Specify whether the @@ -12470,14 +16899,26 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: - description: |- - List of sources to populate environment variables in the container. - The keys defined within a source must be a C_IDENTIFIER. All invalid keys - will be reported as an event when the container is starting. When a key exists in multiple - sources, the value associated with the last source will take precedence. - Values defined by an Env with a duplicate key will take precedence. - Cannot be updated. + description: 'List of sources to populate environment + variables in the container. + + The keys defined within a source must be a + C_IDENTIFIER. All invalid keys + + will be reported as an event when the container + is starting. When a key exists in multiple + + sources, the value associated with the last + source will take precedence. + + Values defined by an Env with a duplicate + key will take precedence. + + Cannot be updated.' items: description: EnvFromSource represents the source of a set of ConfigMaps @@ -12486,10 +16927,12 @@ spec: description: The ConfigMap to select from properties: name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, + kind, uid?' type: string optional: description: Specify whether the ConfigMap @@ -12506,10 +16949,12 @@ spec: description: The Secret to select from properties: name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, + kind, uid?' type: string optional: description: Specify whether the Secret @@ -12519,53 +16964,78 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: - description: |- - Container image name. - More info: https://kubernetes.io/docs/concepts/containers/images + description: 'Container image name. + + More info: https://kubernetes.io/docs/concepts/containers/images' type: string imagePullPolicy: - description: |- - Image pull policy. + description: 'Image pull policy. + One of Always, Never, IfNotPresent. - Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + + Defaults to Always if :latest tag is specified, + or IfNotPresent otherwise. + Cannot be updated. - More info: https://kubernetes.io/docs/concepts/containers/images#updating-images + + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' type: string lifecycle: description: Lifecycle is not allowed for ephemeral containers. properties: postStart: - description: |- - PostStart is called immediately after a container is created. If the handler fails, - the container is terminated and restarted according to its restart policy. - Other management of the container blocks until the hook completes. - More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + description: 'PostStart is called immediately + after a container is created. If the handler + fails, + + the container is terminated and restarted + according to its restart policy. + + Other management of the container blocks + until the hook completes. + + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' properties: exec: description: Exec specifies the action to take. properties: command: - description: |- - Command is the command line to execute inside the container, the working directory for the - command is root ('/') in the container's filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use - a shell, you need to explicitly call out to that shell. - Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + description: 'Command is the command + line to execute inside the container, + the working directory for the + + command is root (''/'') in the + container''s filesystem. The command + is simply exec''d, it is + + not run inside a shell, so traditional + shell instructions (''|'', etc) + won''t work. To use + + a shell, you need to explicitly + call out to that shell. + + Exit status of 0 is treated as + live/healthy and non-zero is unhealthy.' items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. properties: host: - description: |- - Host name to connect to, defaults to the pod IP. You probably want to set - "Host" in httpHeaders instead. + description: 'Host name to connect + to, defaults to the pod IP. You + probably want to set + + "Host" in httpHeaders instead.' type: string httpHeaders: description: Custom headers to set @@ -12577,9 +17047,13 @@ spec: HTTP probes properties: name: - description: |- - The header field name. - This will be canonicalized upon output, so case-variant names will be understood as the same header. + description: 'The header field + name. + + This will be canonicalized + upon output, so case-variant + names will be understood + as the same header.' type: string value: description: The header field @@ -12590,6 +17064,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. @@ -12598,15 +17073,19 @@ spec: anyOf: - type: integer - type: string - description: |- - Name or number of the port to access on the container. - Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. + description: 'Name or number of + the port to access on the container. + + Number must be in the range 1 + to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true scheme: - description: |- - Scheme to use for connecting to the host. - Defaults to HTTP. + description: 'Scheme to use for + connecting to the host. + + Defaults to HTTP.' type: string required: - port @@ -12625,10 +17104,15 @@ spec: - seconds type: object tcpSocket: - description: |- - Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - for the backward compatibility. There are no validation of this field and - lifecycle hooks will fail in runtime when tcp handler is specified. + description: 'Deprecated. TCPSocket + is NOT supported as a LifecycleHandler + and kept + + for the backward compatibility. There + are no validation of this field and + + lifecycle hooks will fail in runtime + when tcp handler is specified.' properties: host: description: 'Optional: Host name @@ -12639,50 +17123,85 @@ spec: anyOf: - type: integer - type: string - description: |- - Number or name of the port to access on the container. - Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. + description: 'Number or name of + the port to access on the container. + + Number must be in the range 1 + to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true required: - port type: object type: object preStop: - description: |- - PreStop is called immediately before a container is terminated due to an - API request or management event such as liveness/startup probe failure, - preemption, resource contention, etc. The handler is not called if the - container crashes or exits. The Pod's termination grace period countdown begins before the - PreStop hook is executed. Regardless of the outcome of the handler, the - container will eventually terminate within the Pod's termination grace - period (unless delayed by finalizers). Other management of the container blocks until the hook completes - or until the termination grace period is reached. - More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + description: 'PreStop is called immediately + before a container is terminated due to + an + + API request or management event such as + liveness/startup probe failure, + + preemption, resource contention, etc. + The handler is not called if the + + container crashes or exits. The Pod''s + termination grace period countdown begins + before the + + PreStop hook is executed. Regardless of + the outcome of the handler, the + + container will eventually terminate within + the Pod''s termination grace + + period (unless delayed by finalizers). + Other management of the container blocks + until the hook completes + + or until the termination grace period + is reached. + + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' properties: exec: description: Exec specifies the action to take. properties: command: - description: |- - Command is the command line to execute inside the container, the working directory for the - command is root ('/') in the container's filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use - a shell, you need to explicitly call out to that shell. - Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + description: 'Command is the command + line to execute inside the container, + the working directory for the + + command is root (''/'') in the + container''s filesystem. The command + is simply exec''d, it is + + not run inside a shell, so traditional + shell instructions (''|'', etc) + won''t work. To use + + a shell, you need to explicitly + call out to that shell. + + Exit status of 0 is treated as + live/healthy and non-zero is unhealthy.' items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. properties: host: - description: |- - Host name to connect to, defaults to the pod IP. You probably want to set - "Host" in httpHeaders instead. + description: 'Host name to connect + to, defaults to the pod IP. You + probably want to set + + "Host" in httpHeaders instead.' type: string httpHeaders: description: Custom headers to set @@ -12694,9 +17213,13 @@ spec: HTTP probes properties: name: - description: |- - The header field name. - This will be canonicalized upon output, so case-variant names will be understood as the same header. + description: 'The header field + name. + + This will be canonicalized + upon output, so case-variant + names will be understood + as the same header.' type: string value: description: The header field @@ -12707,6 +17230,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. @@ -12715,15 +17239,19 @@ spec: anyOf: - type: integer - type: string - description: |- - Name or number of the port to access on the container. - Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. + description: 'Name or number of + the port to access on the container. + + Number must be in the range 1 + to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true scheme: - description: |- - Scheme to use for connecting to the host. - Defaults to HTTP. + description: 'Scheme to use for + connecting to the host. + + Defaults to HTTP.' type: string required: - port @@ -12742,10 +17270,15 @@ spec: - seconds type: object tcpSocket: - description: |- - Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - for the backward compatibility. There are no validation of this field and - lifecycle hooks will fail in runtime when tcp handler is specified. + description: 'Deprecated. TCPSocket + is NOT supported as a LifecycleHandler + and kept + + for the backward compatibility. There + are no validation of this field and + + lifecycle hooks will fail in runtime + when tcp handler is specified.' properties: host: description: 'Optional: Host name @@ -12756,10 +17289,13 @@ spec: anyOf: - type: integer - type: string - description: |- - Number or name of the port to access on the container. - Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. + description: 'Number or name of + the port to access on the container. + + Number must be in the range 1 + to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true required: - port @@ -12775,20 +17311,34 @@ spec: take. properties: command: - description: |- - Command is the command line to execute inside the container, the working directory for the - command is root ('/') in the container's filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use - a shell, you need to explicitly call out to that shell. - Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + description: 'Command is the command + line to execute inside the container, + the working directory for the + + command is root (''/'') in the container''s + filesystem. The command is simply + exec''d, it is + + not run inside a shell, so traditional + shell instructions (''|'', etc) won''t + work. To use + + a shell, you need to explicitly call + out to that shell. + + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy.' items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: - description: |- - Minimum consecutive failures for the probe to be considered failed after having succeeded. - Defaults to 3. Minimum value is 1. + description: 'Minimum consecutive failures + for the probe to be considered failed + after having succeeded. + + Defaults to 3. Minimum value is 1.' format: int32 type: integer grpc: @@ -12802,12 +17352,15 @@ spec: format: int32 type: integer service: - description: |- - Service is the name of the service to place in the gRPC HealthCheckRequest + description: 'Service is the name of + the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. + + If this is not specified, the default + behavior is defined by gRPC.' type: string required: - port @@ -12817,9 +17370,11 @@ spec: request to perform. properties: host: - description: |- - Host name to connect to, defaults to the pod IP. You probably want to set - "Host" in httpHeaders instead. + description: 'Host name to connect to, + defaults to the pod IP. You probably + want to set + + "Host" in httpHeaders instead.' type: string httpHeaders: description: Custom headers to set in @@ -12831,9 +17386,13 @@ spec: probes properties: name: - description: |- - The header field name. - This will be canonicalized upon output, so case-variant names will be understood as the same header. + description: 'The header field + name. + + This will be canonicalized upon + output, so case-variant names + will be understood as the same + header.' type: string value: description: The header field @@ -12844,6 +17403,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. @@ -12852,35 +17412,45 @@ spec: anyOf: - type: integer - type: string - description: |- - Name or number of the port to access on the container. + description: 'Name or number of the + port to access on the container. + Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true scheme: - description: |- - Scheme to use for connecting to the host. - Defaults to HTTP. + description: 'Scheme to use for connecting + to the host. + + Defaults to HTTP.' type: string required: - port type: object initialDelaySeconds: - description: |- - Number of seconds after the container has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + description: 'Number of seconds after the + container has started before liveness + probes are initiated. + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer periodSeconds: - description: |- - How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. + description: 'How often (in seconds) to + perform the probe. + + Default to 10 seconds. Minimum value is + 1.' format: int32 type: integer successThreshold: - description: |- - Minimum consecutive successes for the probe to be considered successful after having failed. - Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + description: 'Minimum consecutive successes + for the probe to be considered successful + after having failed. + + Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1.' format: int32 type: integer tcpSocket: @@ -12895,40 +17465,69 @@ spec: anyOf: - type: integer - type: string - description: |- - Number or name of the port to access on the container. + description: 'Number or name of the + port to access on the container. + Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: |- - Optional duration in seconds the pod needs to terminate gracefully upon probe failure. - The grace period is the duration in seconds after the processes running in the pod are sent - a termination signal and the time when the processes are forcibly halted with a kill signal. - Set this value longer than the expected cleanup time for your process. - If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this - value overrides the value provided by the pod spec. - Value must be non-negative integer. The value zero indicates stop immediately via - the kill signal (no opportunity to shut down). - This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. - Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + description: 'Optional duration in seconds + the pod needs to terminate gracefully + upon probe failure. + + The grace period is the duration in seconds + after the processes running in the pod + are sent + + a termination signal and the time when + the processes are forcibly halted with + a kill signal. + + Set this value longer than the expected + cleanup time for your process. + + If this value is nil, the pod''s terminationGracePeriodSeconds + will be used. Otherwise, this + + value overrides the value provided by + the pod spec. + + Value must be non-negative integer. The + value zero indicates stop immediately + via + + the kill signal (no opportunity to shut + down). + + This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. + + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset.' format: int64 type: integer timeoutSeconds: - description: |- - Number of seconds after which the probe times out. - Defaults to 1 second. Minimum value is 1. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + description: 'Number of seconds after which + the probe times out. + + Defaults to 1 second. Minimum value is + 1. + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer type: object name: - description: |- - Name of the ephemeral container specified as a DNS_LABEL. - This name must be unique among all containers, init containers and ephemeral containers. + description: 'Name of the ephemeral container + specified as a DNS_LABEL. + + This name must be unique among all containers, + init containers and ephemeral containers.' type: string ports: description: Ports are not allowed for ephemeral @@ -12938,9 +17537,11 @@ spec: port in a single container. properties: containerPort: - description: |- - Number of port to expose on the pod's IP address. - This must be a valid port number, 0 < x < 65536. + description: 'Number of port to expose + on the pod''s IP address. + + This must be a valid port number, 0 + < x < 65536.' format: int32 type: integer hostIP: @@ -12948,24 +17549,34 @@ spec: external port to. type: string hostPort: - description: |- - Number of port to expose on the host. - If specified, this must be a valid port number, 0 < x < 65536. - If HostNetwork is specified, this must match ContainerPort. - Most containers do not need this. + description: 'Number of port to expose + on the host. + + If specified, this must be a valid port + number, 0 < x < 65536. + + If HostNetwork is specified, this must + match ContainerPort. + + Most containers do not need this.' format: int32 type: integer name: - description: |- - If specified, this must be an IANA_SVC_NAME and unique within the pod. Each - named port in a pod must have a unique name. Name for the port that can be - referred to by services. + description: 'If specified, this must + be an IANA_SVC_NAME and unique within + the pod. Each + + named port in a pod must have a unique + name. Name for the port that can be + + referred to by services.' type: string protocol: default: TCP - description: |- - Protocol for port. Must be UDP, TCP, or SCTP. - Defaults to "TCP". + description: 'Protocol for port. Must + be UDP, TCP, or SCTP. + + Defaults to "TCP".' type: string required: - containerPort @@ -12984,20 +17595,34 @@ spec: take. properties: command: - description: |- - Command is the command line to execute inside the container, the working directory for the - command is root ('/') in the container's filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use - a shell, you need to explicitly call out to that shell. - Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + description: 'Command is the command + line to execute inside the container, + the working directory for the + + command is root (''/'') in the container''s + filesystem. The command is simply + exec''d, it is + + not run inside a shell, so traditional + shell instructions (''|'', etc) won''t + work. To use + + a shell, you need to explicitly call + out to that shell. + + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy.' items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: - description: |- - Minimum consecutive failures for the probe to be considered failed after having succeeded. - Defaults to 3. Minimum value is 1. + description: 'Minimum consecutive failures + for the probe to be considered failed + after having succeeded. + + Defaults to 3. Minimum value is 1.' format: int32 type: integer grpc: @@ -13011,12 +17636,15 @@ spec: format: int32 type: integer service: - description: |- - Service is the name of the service to place in the gRPC HealthCheckRequest + description: 'Service is the name of + the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. + + If this is not specified, the default + behavior is defined by gRPC.' type: string required: - port @@ -13026,9 +17654,11 @@ spec: request to perform. properties: host: - description: |- - Host name to connect to, defaults to the pod IP. You probably want to set - "Host" in httpHeaders instead. + description: 'Host name to connect to, + defaults to the pod IP. You probably + want to set + + "Host" in httpHeaders instead.' type: string httpHeaders: description: Custom headers to set in @@ -13040,9 +17670,13 @@ spec: probes properties: name: - description: |- - The header field name. - This will be canonicalized upon output, so case-variant names will be understood as the same header. + description: 'The header field + name. + + This will be canonicalized upon + output, so case-variant names + will be understood as the same + header.' type: string value: description: The header field @@ -13053,6 +17687,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. @@ -13061,35 +17696,45 @@ spec: anyOf: - type: integer - type: string - description: |- - Name or number of the port to access on the container. + description: 'Name or number of the + port to access on the container. + Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true scheme: - description: |- - Scheme to use for connecting to the host. - Defaults to HTTP. + description: 'Scheme to use for connecting + to the host. + + Defaults to HTTP.' type: string required: - port type: object initialDelaySeconds: - description: |- - Number of seconds after the container has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + description: 'Number of seconds after the + container has started before liveness + probes are initiated. + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer periodSeconds: - description: |- - How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. + description: 'How often (in seconds) to + perform the probe. + + Default to 10 seconds. Minimum value is + 1.' format: int32 type: integer successThreshold: - description: |- - Minimum consecutive successes for the probe to be considered successful after having failed. - Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + description: 'Minimum consecutive successes + for the probe to be considered successful + after having failed. + + Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1.' format: int32 type: integer tcpSocket: @@ -13104,33 +17749,60 @@ spec: anyOf: - type: integer - type: string - description: |- - Number or name of the port to access on the container. + description: 'Number or name of the + port to access on the container. + Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: |- - Optional duration in seconds the pod needs to terminate gracefully upon probe failure. - The grace period is the duration in seconds after the processes running in the pod are sent - a termination signal and the time when the processes are forcibly halted with a kill signal. - Set this value longer than the expected cleanup time for your process. - If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this - value overrides the value provided by the pod spec. - Value must be non-negative integer. The value zero indicates stop immediately via - the kill signal (no opportunity to shut down). - This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. - Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + description: 'Optional duration in seconds + the pod needs to terminate gracefully + upon probe failure. + + The grace period is the duration in seconds + after the processes running in the pod + are sent + + a termination signal and the time when + the processes are forcibly halted with + a kill signal. + + Set this value longer than the expected + cleanup time for your process. + + If this value is nil, the pod''s terminationGracePeriodSeconds + will be used. Otherwise, this + + value overrides the value provided by + the pod spec. + + Value must be non-negative integer. The + value zero indicates stop immediately + via + + the kill signal (no opportunity to shut + down). + + This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. + + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset.' format: int64 type: integer timeoutSeconds: - description: |- - Number of seconds after which the probe times out. - Defaults to 1 second. Minimum value is 1. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + description: 'Number of seconds after which + the probe times out. + + Defaults to 1 second. Minimum value is + 1. + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer type: object @@ -13142,14 +17814,16 @@ spec: resource resize policy for the container. properties: resourceName: - description: |- - Name of the resource to which this resource resize policy applies. - Supported values: cpu, memory. + description: 'Name of the resource to + which this resource resize policy applies. + + Supported values: cpu, memory.' type: string restartPolicy: - description: |- - Restart policy to apply when specified resource is resized. - If not specified, it defaults to NotRequired. + description: 'Restart policy to apply + when specified resource is resized. + + If not specified, it defaults to NotRequired.' type: string required: - resourceName @@ -13158,30 +17832,42 @@ spec: type: array x-kubernetes-list-type: atomic resources: - description: |- - Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources - already allocated to the pod. + description: 'Resources are not allowed for + ephemeral containers. Ephemeral containers + use spare resources + + already allocated to the pod.' properties: claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, + description: 'Claims lists the names of + resources, defined in spec.resourceClaims, + that are used by this container. - This is an alpha field and requires enabling the + + This is an alpha field and requires enabling + the + DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. + + This field is immutable. It can only be + set for containers.' items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. + description: 'Name must match the + name of one entry in pod.spec.resourceClaims + of + + the Pod where this field is used. + It makes that resource available + + inside a container.' type: string required: - name @@ -13197,9 +17883,10 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + description: 'Limits describes the maximum + amount of compute resources allowed. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -13208,40 +17895,103 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + description: 'Requests describes the minimum + amount of compute resources required. + + If Requests is omitted for a container, + it defaults to Limits if that is explicitly + specified, + + otherwise to an implementation-defined + value. Requests cannot exceed Limits. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object restartPolicy: - description: |- - Restart policy for the container to manage the restart behavior of each + description: 'Restart policy for the container + to manage the restart behavior of each + container within a pod. - This may only be set for init containers. You cannot set this field on - ephemeral containers. + + This may only be set for init containers. + You cannot set this field on + + ephemeral containers.' type: string securityContext: - description: |- - Optional: SecurityContext defines the security options the ephemeral container should be run with. - If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + description: 'Optional: SecurityContext defines + the security options the ephemeral container + should be run with. + + If set, the fields of SecurityContext override + the equivalent fields of PodSecurityContext.' properties: allowPrivilegeEscalation: - description: |- - AllowPrivilegeEscalation controls whether a process can gain more - privileges than its parent process. This bool directly controls if - the no_new_privs flag will be set on the container process. - AllowPrivilegeEscalation is true always when the container is: + description: 'AllowPrivilegeEscalation controls + whether a process can gain more + + privileges than its parent process. This + bool directly controls if + + the no_new_privs flag will be set on the + container process. + + AllowPrivilegeEscalation is true always + when the container is: + 1) run as Privileged + 2) has CAP_SYS_ADMIN - Note that this field cannot be set when spec.os.name is windows. + + Note that this field cannot be set when + spec.os.name is windows.' type: boolean + appArmorProfile: + description: 'appArmorProfile is the AppArmor + options to use by this container. If set, + this profile + + overrides the pod''s appArmorProfile. + + Note that this field cannot be set when + spec.os.name is windows.' + properties: + localhostProfile: + description: 'localhostProfile indicates + a profile loaded on the node that + should be used. + + The profile must be preconfigured + on the node to work. + + Must match the loaded name of the + profile. + + Must be set if and only if type is + "Localhost".' + type: string + type: + description: "type indicates which kind\ + \ of AppArmor profile will be applied.\n\ + Valid options are:\n Localhost -\ + \ a profile pre-loaded on the node.\n\ + \ RuntimeDefault - the container\ + \ runtime's default profile.\n Unconfined\ + \ - no AppArmor enforcement." + type: string + required: + - type + type: object capabilities: - description: |- - The capabilities to add/drop when running containers. - Defaults to the default set of capabilities granted by the container runtime. - Note that this field cannot be set when spec.os.name is windows. + description: 'The capabilities to add/drop + when running containers. + + Defaults to the default set of capabilities + granted by the container runtime. + + Note that this field cannot be set when + spec.os.name is windows.' properties: add: description: Added capabilities @@ -13250,6 +18000,7 @@ spec: POSIX capabilities type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -13257,62 +18008,113 @@ spec: POSIX capabilities type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: - description: |- - Run container in privileged mode. - Processes in privileged containers are essentially equivalent to root on the host. + description: 'Run container in privileged + mode. + + Processes in privileged containers are + essentially equivalent to root on the + host. + Defaults to false. - Note that this field cannot be set when spec.os.name is windows. + + Note that this field cannot be set when + spec.os.name is windows.' type: boolean procMount: - description: |- - procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + description: 'procMount denotes the type + of proc mount to use for the containers. + + The default is DefaultProcMount which + uses the container runtime defaults for + readonly paths and masked paths. - This requires the ProcMountType feature flag to be enabled. - Note that this field cannot be set when spec.os.name is windows. + + This requires the ProcMountType feature + flag to be enabled. + + Note that this field cannot be set when + spec.os.name is windows.' type: string readOnlyRootFilesystem: - description: |- - Whether this container has a read-only root filesystem. + description: 'Whether this container has + a read-only root filesystem. + Default is false. - Note that this field cannot be set when spec.os.name is windows. + + Note that this field cannot be set when + spec.os.name is windows.' type: boolean runAsGroup: - description: |- - The GID to run the entrypoint of the container process. + description: 'The GID to run the entrypoint + of the container process. + Uses runtime default if unset. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. + + May also be set in PodSecurityContext. If + set in both SecurityContext and + + PodSecurityContext, the value specified + in SecurityContext takes precedence. + + Note that this field cannot be set when + spec.os.name is windows.' format: int64 type: integer runAsNonRoot: - description: |- - Indicates that the container must run as a non-root user. - If true, the Kubelet will validate the image at runtime to ensure that it - does not run as UID 0 (root) and fail to start the container if it does. - If unset or false, no such validation will be performed. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. + description: 'Indicates that the container + must run as a non-root user. + + If true, the Kubelet will validate the + image at runtime to ensure that it + + does not run as UID 0 (root) and fail + to start the container if it does. + + If unset or false, no such validation + will be performed. + + May also be set in PodSecurityContext. If + set in both SecurityContext and + + PodSecurityContext, the value specified + in SecurityContext takes precedence.' type: boolean runAsUser: - description: |- - The UID to run the entrypoint of the container process. - Defaults to user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. + description: 'The UID to run the entrypoint + of the container process. + + Defaults to user specified in image metadata + if unspecified. + + May also be set in PodSecurityContext. If + set in both SecurityContext and + + PodSecurityContext, the value specified + in SecurityContext takes precedence. + + Note that this field cannot be set when + spec.os.name is windows.' format: int64 type: integer seLinuxOptions: - description: |- - The SELinux context to be applied to the container. - If unspecified, the container runtime will allocate a random SELinux context for each - container. May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. + description: 'The SELinux context to be + applied to the container. + + If unspecified, the container runtime + will allocate a random SELinux context + for each + + container. May also be set in PodSecurityContext. If + set in both SecurityContext and + + PodSecurityContext, the value specified + in SecurityContext takes precedence. + + Note that this field cannot be set when + spec.os.name is windows.' properties: level: description: Level is SELinux level @@ -13332,44 +18134,76 @@ spec: type: string type: object seccompProfile: - description: |- - The seccomp options to use by this container. If seccomp options are - provided at both the pod & container level, the container options + description: 'The seccomp options to use + by this container. If seccomp options + are + + provided at both the pod & container level, + the container options + override the pod options. - Note that this field cannot be set when spec.os.name is windows. + + Note that this field cannot be set when + spec.os.name is windows.' properties: localhostProfile: - description: |- - localhostProfile indicates a profile defined in a file on the node should be used. - The profile must be preconfigured on the node to work. - Must be a descending path, relative to the kubelet's configured seccomp profile location. - Must be set if type is "Localhost". Must NOT be set for any other type. + description: 'localhostProfile indicates + a profile defined in a file on the + node should be used. + + The profile must be preconfigured + on the node to work. + + Must be a descending path, relative + to the kubelet''s configured seccomp + profile location. + + Must be set if type is "Localhost". + Must NOT be set for any other type.' type: string type: - description: |- - type indicates which kind of seccomp profile will be applied. + description: 'type indicates which kind + of seccomp profile will be applied. + Valid options are: - Localhost - a profile defined in a file on the node should be used. - RuntimeDefault - the container runtime default profile should be used. - Unconfined - no profile should be applied. + + Localhost - a profile defined in a + file on the node should be used. + + RuntimeDefault - the container runtime + default profile should be used. + + Unconfined - no profile should be + applied.' type: string required: - type type: object windowsOptions: - description: |- - The Windows specific settings applied to all containers. - If unspecified, the options from the PodSecurityContext will be used. - If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is linux. + description: 'The Windows specific settings + applied to all containers. + + If unspecified, the options from the PodSecurityContext + will be used. + + If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext + takes precedence. + + Note that this field cannot be set when + spec.os.name is linux.' properties: gmsaCredentialSpec: - description: |- - GMSACredentialSpec is where the GMSA admission webhook - (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the - GMSA credential spec named by the GMSACredentialSpecName field. + description: 'GMSACredentialSpec is + where the GMSA admission webhook + + (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the + + GMSA credential spec named by the + GMSACredentialSpecName field.' type: string gmsaCredentialSpecName: description: GMSACredentialSpecName @@ -13377,18 +18211,34 @@ spec: spec to use. type: string hostProcess: - description: |- - HostProcess determines if a container should be run as a 'Host Process' container. - All of a Pod's containers must have the same effective HostProcess value - (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). - In addition, if HostProcess is true then HostNetwork must also be set to true. + description: 'HostProcess determines + if a container should be run as a + ''Host Process'' container. + + All of a Pod''s containers must have + the same effective HostProcess value + + (it is not allowed to have a mix of + HostProcess containers and non-HostProcess + containers). + + In addition, if HostProcess is true + then HostNetwork must also be set + to true.' type: boolean runAsUserName: - description: |- - The UserName in Windows to run the entrypoint of the container process. - Defaults to the user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. + description: 'The UserName in Windows + to run the entrypoint of the container + process. + + Defaults to the user specified in + image metadata if unspecified. + + May also be set in PodSecurityContext. + If set in both SecurityContext and + + PodSecurityContext, the value specified + in SecurityContext takes precedence.' type: string type: object type: object @@ -13401,20 +18251,34 @@ spec: take. properties: command: - description: |- - Command is the command line to execute inside the container, the working directory for the - command is root ('/') in the container's filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use - a shell, you need to explicitly call out to that shell. - Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + description: 'Command is the command + line to execute inside the container, + the working directory for the + + command is root (''/'') in the container''s + filesystem. The command is simply + exec''d, it is + + not run inside a shell, so traditional + shell instructions (''|'', etc) won''t + work. To use + + a shell, you need to explicitly call + out to that shell. + + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy.' items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: - description: |- - Minimum consecutive failures for the probe to be considered failed after having succeeded. - Defaults to 3. Minimum value is 1. + description: 'Minimum consecutive failures + for the probe to be considered failed + after having succeeded. + + Defaults to 3. Minimum value is 1.' format: int32 type: integer grpc: @@ -13428,12 +18292,15 @@ spec: format: int32 type: integer service: - description: |- - Service is the name of the service to place in the gRPC HealthCheckRequest + description: 'Service is the name of + the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. + + If this is not specified, the default + behavior is defined by gRPC.' type: string required: - port @@ -13443,9 +18310,11 @@ spec: request to perform. properties: host: - description: |- - Host name to connect to, defaults to the pod IP. You probably want to set - "Host" in httpHeaders instead. + description: 'Host name to connect to, + defaults to the pod IP. You probably + want to set + + "Host" in httpHeaders instead.' type: string httpHeaders: description: Custom headers to set in @@ -13457,9 +18326,13 @@ spec: probes properties: name: - description: |- - The header field name. - This will be canonicalized upon output, so case-variant names will be understood as the same header. + description: 'The header field + name. + + This will be canonicalized upon + output, so case-variant names + will be understood as the same + header.' type: string value: description: The header field @@ -13470,6 +18343,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. @@ -13478,35 +18352,45 @@ spec: anyOf: - type: integer - type: string - description: |- - Name or number of the port to access on the container. + description: 'Name or number of the + port to access on the container. + Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true scheme: - description: |- - Scheme to use for connecting to the host. - Defaults to HTTP. + description: 'Scheme to use for connecting + to the host. + + Defaults to HTTP.' type: string required: - port type: object initialDelaySeconds: - description: |- - Number of seconds after the container has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + description: 'Number of seconds after the + container has started before liveness + probes are initiated. + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer periodSeconds: - description: |- - How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. + description: 'How often (in seconds) to + perform the probe. + + Default to 10 seconds. Minimum value is + 1.' format: int32 type: integer successThreshold: - description: |- - Minimum consecutive successes for the probe to be considered successful after having failed. - Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + description: 'Minimum consecutive successes + for the probe to be considered successful + after having failed. + + Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1.' format: int32 type: integer tcpSocket: @@ -13521,86 +18405,162 @@ spec: anyOf: - type: integer - type: string - description: |- - Number or name of the port to access on the container. + description: 'Number or name of the + port to access on the container. + Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: |- - Optional duration in seconds the pod needs to terminate gracefully upon probe failure. - The grace period is the duration in seconds after the processes running in the pod are sent - a termination signal and the time when the processes are forcibly halted with a kill signal. - Set this value longer than the expected cleanup time for your process. - If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this - value overrides the value provided by the pod spec. - Value must be non-negative integer. The value zero indicates stop immediately via - the kill signal (no opportunity to shut down). - This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. - Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + description: 'Optional duration in seconds + the pod needs to terminate gracefully + upon probe failure. + + The grace period is the duration in seconds + after the processes running in the pod + are sent + + a termination signal and the time when + the processes are forcibly halted with + a kill signal. + + Set this value longer than the expected + cleanup time for your process. + + If this value is nil, the pod''s terminationGracePeriodSeconds + will be used. Otherwise, this + + value overrides the value provided by + the pod spec. + + Value must be non-negative integer. The + value zero indicates stop immediately + via + + the kill signal (no opportunity to shut + down). + + This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. + + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset.' format: int64 type: integer timeoutSeconds: - description: |- - Number of seconds after which the probe times out. - Defaults to 1 second. Minimum value is 1. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + description: 'Number of seconds after which + the probe times out. + + Defaults to 1 second. Minimum value is + 1. + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer type: object stdin: - description: |- - Whether this container should allocate a buffer for stdin in the container runtime. If this - is not set, reads from stdin in the container will always result in EOF. - Default is false. + description: 'Whether this container should + allocate a buffer for stdin in the container + runtime. If this + + is not set, reads from stdin in the container + will always result in EOF. + + Default is false.' type: boolean stdinOnce: - description: |- - Whether the container runtime should close the stdin channel after it has been opened by - a single attach. When stdin is true the stdin stream will remain open across multiple attach - sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the - first client attaches to stdin, and then remains open and accepts data until the client disconnects, - at which time stdin is closed and remains closed until the container is restarted. If this - flag is false, a container processes that reads from stdin will never receive an EOF. - Default is false + description: 'Whether the container runtime + should close the stdin channel after it has + been opened by + + a single attach. When stdin is true the stdin + stream will remain open across multiple attach + + sessions. If stdinOnce is set to true, stdin + is opened on container start, is empty until + the + + first client attaches to stdin, and then remains + open and accepts data until the client disconnects, + + at which time stdin is closed and remains + closed until the container is restarted. If + this + + flag is false, a container processes that + reads from stdin will never receive an EOF. + + Default is false' type: boolean targetContainerName: - description: |- - If set, the name of the container from PodSpec that this ephemeral container targets. - The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container. - If not set then the ephemeral container uses the namespaces configured in the Pod spec. + description: 'If set, the name of the container + from PodSpec that this ephemeral container + targets. + + The ephemeral container will be run in the + namespaces (IPC, PID, etc) of this container. + + If not set then the ephemeral container uses + the namespaces configured in the Pod spec. + - The container runtime must implement support for this feature. If the runtime does not - support namespace targeting then the result of setting this field is undefined. + The container runtime must implement support + for this feature. If the runtime does not + + support namespace targeting then the result + of setting this field is undefined.' type: string terminationMessagePath: - description: |- - Optional: Path at which the file to which the container's termination message - will be written is mounted into the container's filesystem. - Message written is intended to be brief final status, such as an assertion failure message. - Will be truncated by the node if greater than 4096 bytes. The total message length across + description: 'Optional: Path at which the file + to which the container''s termination message + + will be written is mounted into the container''s + filesystem. + + Message written is intended to be brief final + status, such as an assertion failure message. + + Will be truncated by the node if greater than + 4096 bytes. The total message length across + all containers will be limited to 12kb. + Defaults to /dev/termination-log. - Cannot be updated. + + Cannot be updated.' type: string terminationMessagePolicy: - description: |- - Indicate how the termination message should be populated. File will use the contents of - terminationMessagePath to populate the container status message on both success and failure. - FallbackToLogsOnError will use the last chunk of container log output if the termination - message file is empty and the container exited with an error. - The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + description: 'Indicate how the termination message + should be populated. File will use the contents + of + + terminationMessagePath to populate the container + status message on both success and failure. + + FallbackToLogsOnError will use the last chunk + of container log output if the termination + + message file is empty and the container exited + with an error. + + The log output is limited to 2048 bytes or + 80 lines, whichever is smaller. + Defaults to File. - Cannot be updated. + + Cannot be updated.' type: string tty: - description: |- - Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. - Default is false. + description: 'Whether this container should + allocate a TTY for itself, also requires ''stdin'' + to be true. + + Default is false.' type: boolean volumeDevices: description: volumeDevices is the list of block @@ -13623,183 +18583,352 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: - description: |- - Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers. - Cannot be updated. + description: 'Pod volumes to mount into the + container''s filesystem. Subpath mounts are + not allowed for ephemeral containers. + + Cannot be updated.' items: description: VolumeMount describes a mounting of a Volume within a container. properties: mountPath: - description: |- - Path within the container at which the volume should be mounted. Must - not contain ':'. + description: 'Path within the container + at which the volume should be mounted. Must + + not contain '':''.' type: string mountPropagation: - description: |- - mountPropagation determines how mounts are propagated from the host + description: 'mountPropagation determines + how mounts are propagated from the host + to container and the other way around. - When not set, MountPropagationNone is used. + + When not set, MountPropagationNone is + used. + This field is beta in 1.10. + + When RecursiveReadOnly is set to IfPossible + or to Enabled, MountPropagation must + be None or unspecified + + (which defaults to None).' type: string name: description: This must match the Name of a Volume. type: string readOnly: - description: |- - Mounted read-only if true, read-write otherwise (false or unspecified). - Defaults to false. + description: 'Mounted read-only if true, + read-write otherwise (false or unspecified). + + Defaults to false.' type: boolean + recursiveReadOnly: + description: 'RecursiveReadOnly specifies + whether read-only mounts should be handled + + recursively. + + + + If ReadOnly is false, this field has + no meaning and must be unspecified. + + + + If ReadOnly is true, and this field + is set to Disabled, the mount is not + made + + recursively read-only. If this field + is set to IfPossible, the mount is made + + recursively read-only, if it is supported + by the container runtime. If this + + field is set to Enabled, the mount is + made recursively read-only if it is + + supported by the container runtime, + otherwise the pod will not be started + and + + an error will be generated to indicate + the reason. + + + + If this field is set to IfPossible or + Enabled, MountPropagation must be set + to + + None (or be unspecified, which defaults + to None). + + + + If this field is not specified, it is + treated as an equivalent of Disabled.' + type: string subPath: - description: |- - Path within the volume from which the container's volume should be mounted. - Defaults to "" (volume's root). + description: 'Path within the volume from + which the container''s volume should + be mounted. + + Defaults to "" (volume''s root).' type: string subPathExpr: - description: |- - Expanded path within the volume from which the container's volume should be mounted. - Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. - Defaults to "" (volume's root). - SubPathExpr and SubPath are mutually exclusive. + description: 'Expanded path within the + volume from which the container''s volume + should be mounted. + + Behaves similarly to SubPath but environment + variable references $(VAR_NAME) are + expanded using the container''s environment. + + Defaults to "" (volume''s root). + + SubPathExpr and SubPath are mutually + exclusive.' type: string required: - mountPath - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: - description: |- - Container's working directory. - If not specified, the container runtime's default will be used, which + description: 'Container''s working directory. + + If not specified, the container runtime''s + default will be used, which + might be configured in the container image. - Cannot be updated. + + Cannot be updated.' type: string required: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map hostAliases: - description: |- - HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts - file if specified. This is only valid for non-hostNetwork pods. + description: 'HostAliases is an optional list of hosts + and IPs that will be injected into the pod''s hosts + + file if specified.' items: - description: |- - HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the - pod's hosts file. + description: 'HostAlias holds the mapping between + IP and hostnames that will be injected as an entry + in the + + pod''s hosts file.' properties: hostnames: description: Hostnames for the above IP address. items: type: string type: array + x-kubernetes-list-type: atomic ip: description: IP address of the host file entry. type: string + required: + - ip type: object type: array + x-kubernetes-list-map-keys: + - ip + x-kubernetes-list-type: map hostIPC: - description: |- - Use the host's ipc namespace. - Optional: Default to false. + description: 'Use the host''s ipc namespace. + + Optional: Default to false.' type: boolean hostNetwork: - description: |- - Host networking requested for this pod. Use the host's network namespace. - If this option is set, the ports that will be used must be specified. - Default to false. + description: 'Host networking requested for this pod. + Use the host''s network namespace. + + If this option is set, the ports that will be used + must be specified. + + Default to false.' type: boolean hostPID: - description: |- - Use the host's pid namespace. - Optional: Default to false. + description: 'Use the host''s pid namespace. + + Optional: Default to false.' type: boolean hostUsers: - description: |- - Use the host's user namespace. + description: 'Use the host''s user namespace. + Optional: Default to true. - If set to true or not present, the pod will be run in the host user namespace, useful - for when the pod needs a feature only available to the host user namespace, such as + + If set to true or not present, the pod will be run + in the host user namespace, useful + + for when the pod needs a feature only available + to the host user namespace, such as + loading a kernel module with CAP_SYS_MODULE. - When set to false, a new userns is created for the pod. Setting false is useful for - mitigating container breakout vulnerabilities even allowing users to run their - containers as root without actually having root privileges on the host. - This field is alpha-level and is only honored by servers that enable the UserNamespacesSupport feature. + + When set to false, a new userns is created for the + pod. Setting false is useful for + + mitigating container breakout vulnerabilities even + allowing users to run their + + containers as root without actually having root + privileges on the host. + + This field is alpha-level and is only honored by + servers that enable the UserNamespacesSupport feature.' type: boolean hostname: - description: |- - Specifies the hostname of the Pod - If not specified, the pod's hostname will be set to a system-defined value. + description: 'Specifies the hostname of the Pod + + If not specified, the pod''s hostname will be set + to a system-defined value.' type: string imagePullSecrets: - description: |- - ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. - If specified, these secrets will be passed to individual puller implementations for them to use. - More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod + description: 'ImagePullSecrets is an optional list + of references to secrets in the same namespace to + use for pulling any of the images used by this PodSpec. + + If specified, these secrets will be passed to individual + puller implementations for them to use. + + More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod' items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. + description: 'LocalObjectReference contains enough + information to let you locate the + + referenced object inside the same namespace.' properties: name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, + kind, uid?' type: string + required: + - name type: object x-kubernetes-map-type: atomic type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map initContainers: - description: |- - List of initialization containers belonging to the pod. - Init containers are executed in order prior to containers being started. If any - init container fails, the pod is considered to have failed and is handled according - to its restartPolicy. The name for an init container or normal container must be + description: 'List of initialization containers belonging + to the pod. + + Init containers are executed in order prior to containers + being started. If any + + init container fails, the pod is considered to have + failed and is handled according + + to its restartPolicy. The name for an init container + or normal container must be + unique among all containers. - Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. - The resourceRequirements of an init container are taken into account during scheduling - by finding the highest request/limit for each resource type, and then using the max of - of that value or the sum of the normal containers. Limits are applied to init containers + + Init containers may not have Lifecycle actions, + Readiness probes, Liveness probes, or Startup probes. + + The resourceRequirements of an init container are + taken into account during scheduling + + by finding the highest request/limit for each resource + type, and then using the max of + + of that value or the sum of the normal containers. + Limits are applied to init containers + in a similar fashion. + Init containers cannot currently be added or removed. + Cannot be updated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + + More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/' items: description: A single application container that you want to run within a pod. properties: args: - description: |- - Arguments to the entrypoint. - The container image's CMD is used if this is not provided. - Variable references $(VAR_NAME) are expanded using the container's environment. If a variable - cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will - produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless - of whether the variable exists or not. Cannot be updated. - More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + description: 'Arguments to the entrypoint. + + The container image''s CMD is used if this + is not provided. + + Variable references $(VAR_NAME) are expanded + using the container''s environment. If a variable + + cannot be resolved, the reference in the input + string will be unchanged. Double $$ are reduced + + to a single $, which allows for escaping the + $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + + produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, + regardless + + of whether the variable exists or not. Cannot + be updated. + + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' items: type: string type: array + x-kubernetes-list-type: atomic command: - description: |- - Entrypoint array. Not executed within a shell. - The container image's ENTRYPOINT is used if this is not provided. - Variable references $(VAR_NAME) are expanded using the container's environment. If a variable - cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will - produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless - of whether the variable exists or not. Cannot be updated. - More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + description: 'Entrypoint array. Not executed + within a shell. + + The container image''s ENTRYPOINT is used + if this is not provided. + + Variable references $(VAR_NAME) are expanded + using the container''s environment. If a variable + + cannot be resolved, the reference in the input + string will be unchanged. Double $$ are reduced + + to a single $, which allows for escaping the + $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + + produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, + regardless + + of whether the variable exists or not. Cannot + be updated. + + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' items: type: string type: array + x-kubernetes-list-type: atomic env: - description: |- - List of environment variables to set in the container. - Cannot be updated. + description: 'List of environment variables + to set in the container. + + Cannot be updated.' items: description: EnvVar represents an environment variable present in a Container. @@ -13809,16 +18938,30 @@ spec: Must be a C_IDENTIFIER. type: string value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable + description: 'Variable references $(VAR_NAME) + are expanded + + using the previously defined environment + variables in the container and + + any service environment variables. If + a variable cannot be resolved, + + the reference in the input string will + be unchanged. Double $$ are reduced + + to a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. + + "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". + + Escaped references will never be expanded, + regardless of whether the variable + exists or not. - Defaults to "". + + Defaults to "".' type: string valueFrom: description: Source for the environment @@ -13832,10 +18975,12 @@ spec: description: The key to select. type: string name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. + apiVersion, kind, uid?' type: string optional: description: Specify whether the @@ -13847,9 +18992,12 @@ spec: type: object x-kubernetes-map-type: atomic fieldRef: - description: |- - Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + description: 'Selects a field of the + pod: supports metadata.name, metadata.namespace, + `metadata.labels['''']`, `metadata.annotations['''']`, + + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, status.podIPs.' properties: apiVersion: description: Version of the schema @@ -13866,9 +19014,14 @@ spec: type: object x-kubernetes-map-type: atomic resourceFieldRef: - description: |- - Selects a resource of the container: only resources limits and requests - (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + description: 'Selects a resource of + the container: only resources limits + and requests + + (limits.cpu, limits.memory, limits.ephemeral-storage, + requests.cpu, requests.memory and + requests.ephemeral-storage) are + currently supported.' properties: containerName: description: 'Container name: @@ -13902,10 +19055,12 @@ spec: secret key. type: string name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. + apiVersion, kind, uid?' type: string optional: description: Specify whether the @@ -13920,14 +19075,26 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map envFrom: - description: |- - List of sources to populate environment variables in the container. - The keys defined within a source must be a C_IDENTIFIER. All invalid keys - will be reported as an event when the container is starting. When a key exists in multiple - sources, the value associated with the last source will take precedence. - Values defined by an Env with a duplicate key will take precedence. - Cannot be updated. + description: 'List of sources to populate environment + variables in the container. + + The keys defined within a source must be a + C_IDENTIFIER. All invalid keys + + will be reported as an event when the container + is starting. When a key exists in multiple + + sources, the value associated with the last + source will take precedence. + + Values defined by an Env with a duplicate + key will take precedence. + + Cannot be updated.' items: description: EnvFromSource represents the source of a set of ConfigMaps @@ -13936,10 +19103,12 @@ spec: description: The ConfigMap to select from properties: name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, + kind, uid?' type: string optional: description: Specify whether the ConfigMap @@ -13956,10 +19125,12 @@ spec: description: The Secret to select from properties: name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, + kind, uid?' type: string optional: description: Specify whether the Secret @@ -13969,56 +19140,87 @@ spec: x-kubernetes-map-type: atomic type: object type: array + x-kubernetes-list-type: atomic image: - description: |- - Container image name. + description: 'Container image name. + More info: https://kubernetes.io/docs/concepts/containers/images - This field is optional to allow higher level config management to default or override - container images in workload controllers like Deployments and StatefulSets. + + This field is optional to allow higher level + config management to default or override + + container images in workload controllers like + Deployments and StatefulSets.' type: string imagePullPolicy: - description: |- - Image pull policy. + description: 'Image pull policy. + One of Always, Never, IfNotPresent. - Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + + Defaults to Always if :latest tag is specified, + or IfNotPresent otherwise. + Cannot be updated. - More info: https://kubernetes.io/docs/concepts/containers/images#updating-images + + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' type: string lifecycle: - description: |- - Actions that the management system should take in response to container lifecycle events. - Cannot be updated. + description: 'Actions that the management system + should take in response to container lifecycle + events. + + Cannot be updated.' properties: postStart: - description: |- - PostStart is called immediately after a container is created. If the handler fails, - the container is terminated and restarted according to its restart policy. - Other management of the container blocks until the hook completes. - More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + description: 'PostStart is called immediately + after a container is created. If the handler + fails, + + the container is terminated and restarted + according to its restart policy. + + Other management of the container blocks + until the hook completes. + + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' properties: exec: description: Exec specifies the action to take. properties: command: - description: |- - Command is the command line to execute inside the container, the working directory for the - command is root ('/') in the container's filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use - a shell, you need to explicitly call out to that shell. - Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + description: 'Command is the command + line to execute inside the container, + the working directory for the + + command is root (''/'') in the + container''s filesystem. The command + is simply exec''d, it is + + not run inside a shell, so traditional + shell instructions (''|'', etc) + won''t work. To use + + a shell, you need to explicitly + call out to that shell. + + Exit status of 0 is treated as + live/healthy and non-zero is unhealthy.' items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. properties: host: - description: |- - Host name to connect to, defaults to the pod IP. You probably want to set - "Host" in httpHeaders instead. + description: 'Host name to connect + to, defaults to the pod IP. You + probably want to set + + "Host" in httpHeaders instead.' type: string httpHeaders: description: Custom headers to set @@ -14030,9 +19232,13 @@ spec: HTTP probes properties: name: - description: |- - The header field name. - This will be canonicalized upon output, so case-variant names will be understood as the same header. + description: 'The header field + name. + + This will be canonicalized + upon output, so case-variant + names will be understood + as the same header.' type: string value: description: The header field @@ -14043,6 +19249,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. @@ -14051,15 +19258,19 @@ spec: anyOf: - type: integer - type: string - description: |- - Name or number of the port to access on the container. - Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. + description: 'Name or number of + the port to access on the container. + + Number must be in the range 1 + to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true scheme: - description: |- - Scheme to use for connecting to the host. - Defaults to HTTP. + description: 'Scheme to use for + connecting to the host. + + Defaults to HTTP.' type: string required: - port @@ -14078,10 +19289,15 @@ spec: - seconds type: object tcpSocket: - description: |- - Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - for the backward compatibility. There are no validation of this field and - lifecycle hooks will fail in runtime when tcp handler is specified. + description: 'Deprecated. TCPSocket + is NOT supported as a LifecycleHandler + and kept + + for the backward compatibility. There + are no validation of this field and + + lifecycle hooks will fail in runtime + when tcp handler is specified.' properties: host: description: 'Optional: Host name @@ -14092,50 +19308,85 @@ spec: anyOf: - type: integer - type: string - description: |- - Number or name of the port to access on the container. - Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. + description: 'Number or name of + the port to access on the container. + + Number must be in the range 1 + to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true required: - port type: object type: object preStop: - description: |- - PreStop is called immediately before a container is terminated due to an - API request or management event such as liveness/startup probe failure, - preemption, resource contention, etc. The handler is not called if the - container crashes or exits. The Pod's termination grace period countdown begins before the - PreStop hook is executed. Regardless of the outcome of the handler, the - container will eventually terminate within the Pod's termination grace - period (unless delayed by finalizers). Other management of the container blocks until the hook completes - or until the termination grace period is reached. - More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + description: 'PreStop is called immediately + before a container is terminated due to + an + + API request or management event such as + liveness/startup probe failure, + + preemption, resource contention, etc. + The handler is not called if the + + container crashes or exits. The Pod''s + termination grace period countdown begins + before the + + PreStop hook is executed. Regardless of + the outcome of the handler, the + + container will eventually terminate within + the Pod''s termination grace + + period (unless delayed by finalizers). + Other management of the container blocks + until the hook completes + + or until the termination grace period + is reached. + + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' properties: exec: description: Exec specifies the action to take. properties: command: - description: |- - Command is the command line to execute inside the container, the working directory for the - command is root ('/') in the container's filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use - a shell, you need to explicitly call out to that shell. - Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + description: 'Command is the command + line to execute inside the container, + the working directory for the + + command is root (''/'') in the + container''s filesystem. The command + is simply exec''d, it is + + not run inside a shell, so traditional + shell instructions (''|'', etc) + won''t work. To use + + a shell, you need to explicitly + call out to that shell. + + Exit status of 0 is treated as + live/healthy and non-zero is unhealthy.' items: type: string type: array + x-kubernetes-list-type: atomic type: object httpGet: description: HTTPGet specifies the http request to perform. properties: host: - description: |- - Host name to connect to, defaults to the pod IP. You probably want to set - "Host" in httpHeaders instead. + description: 'Host name to connect + to, defaults to the pod IP. You + probably want to set + + "Host" in httpHeaders instead.' type: string httpHeaders: description: Custom headers to set @@ -14147,9 +19398,13 @@ spec: HTTP probes properties: name: - description: |- - The header field name. - This will be canonicalized upon output, so case-variant names will be understood as the same header. + description: 'The header field + name. + + This will be canonicalized + upon output, so case-variant + names will be understood + as the same header.' type: string value: description: The header field @@ -14160,6 +19415,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. @@ -14168,15 +19424,19 @@ spec: anyOf: - type: integer - type: string - description: |- - Name or number of the port to access on the container. - Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. + description: 'Name or number of + the port to access on the container. + + Number must be in the range 1 + to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true scheme: - description: |- - Scheme to use for connecting to the host. - Defaults to HTTP. + description: 'Scheme to use for + connecting to the host. + + Defaults to HTTP.' type: string required: - port @@ -14195,10 +19455,15 @@ spec: - seconds type: object tcpSocket: - description: |- - Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - for the backward compatibility. There are no validation of this field and - lifecycle hooks will fail in runtime when tcp handler is specified. + description: 'Deprecated. TCPSocket + is NOT supported as a LifecycleHandler + and kept + + for the backward compatibility. There + are no validation of this field and + + lifecycle hooks will fail in runtime + when tcp handler is specified.' properties: host: description: 'Optional: Host name @@ -14209,10 +19474,13 @@ spec: anyOf: - type: integer - type: string - description: |- - Number or name of the port to access on the container. - Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. + description: 'Number or name of + the port to access on the container. + + Number must be in the range 1 + to 65535. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true required: - port @@ -14220,31 +19488,47 @@ spec: type: object type: object livenessProbe: - description: |- - Periodic probe of container liveness. + description: 'Periodic probe of container liveness. + Container will be restarted if the probe fails. + Cannot be updated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' properties: exec: description: Exec specifies the action to take. properties: command: - description: |- - Command is the command line to execute inside the container, the working directory for the - command is root ('/') in the container's filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use - a shell, you need to explicitly call out to that shell. - Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + description: 'Command is the command + line to execute inside the container, + the working directory for the + + command is root (''/'') in the container''s + filesystem. The command is simply + exec''d, it is + + not run inside a shell, so traditional + shell instructions (''|'', etc) won''t + work. To use + + a shell, you need to explicitly call + out to that shell. + + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy.' items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: - description: |- - Minimum consecutive failures for the probe to be considered failed after having succeeded. - Defaults to 3. Minimum value is 1. + description: 'Minimum consecutive failures + for the probe to be considered failed + after having succeeded. + + Defaults to 3. Minimum value is 1.' format: int32 type: integer grpc: @@ -14258,12 +19542,15 @@ spec: format: int32 type: integer service: - description: |- - Service is the name of the service to place in the gRPC HealthCheckRequest + description: 'Service is the name of + the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. + + If this is not specified, the default + behavior is defined by gRPC.' type: string required: - port @@ -14273,9 +19560,11 @@ spec: request to perform. properties: host: - description: |- - Host name to connect to, defaults to the pod IP. You probably want to set - "Host" in httpHeaders instead. + description: 'Host name to connect to, + defaults to the pod IP. You probably + want to set + + "Host" in httpHeaders instead.' type: string httpHeaders: description: Custom headers to set in @@ -14287,9 +19576,13 @@ spec: probes properties: name: - description: |- - The header field name. - This will be canonicalized upon output, so case-variant names will be understood as the same header. + description: 'The header field + name. + + This will be canonicalized upon + output, so case-variant names + will be understood as the same + header.' type: string value: description: The header field @@ -14300,6 +19593,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. @@ -14308,35 +19602,45 @@ spec: anyOf: - type: integer - type: string - description: |- - Name or number of the port to access on the container. + description: 'Name or number of the + port to access on the container. + Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true scheme: - description: |- - Scheme to use for connecting to the host. - Defaults to HTTP. + description: 'Scheme to use for connecting + to the host. + + Defaults to HTTP.' type: string required: - port type: object initialDelaySeconds: - description: |- - Number of seconds after the container has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + description: 'Number of seconds after the + container has started before liveness + probes are initiated. + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer periodSeconds: - description: |- - How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. + description: 'How often (in seconds) to + perform the probe. + + Default to 10 seconds. Minimum value is + 1.' format: int32 type: integer successThreshold: - description: |- - Minimum consecutive successes for the probe to be considered successful after having failed. - Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + description: 'Minimum consecutive successes + for the probe to be considered successful + after having failed. + + Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1.' format: int32 type: integer tcpSocket: @@ -14351,59 +19655,100 @@ spec: anyOf: - type: integer - type: string - description: |- - Number or name of the port to access on the container. + description: 'Number or name of the + port to access on the container. + Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: |- - Optional duration in seconds the pod needs to terminate gracefully upon probe failure. - The grace period is the duration in seconds after the processes running in the pod are sent - a termination signal and the time when the processes are forcibly halted with a kill signal. - Set this value longer than the expected cleanup time for your process. - If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this - value overrides the value provided by the pod spec. - Value must be non-negative integer. The value zero indicates stop immediately via - the kill signal (no opportunity to shut down). - This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. - Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + description: 'Optional duration in seconds + the pod needs to terminate gracefully + upon probe failure. + + The grace period is the duration in seconds + after the processes running in the pod + are sent + + a termination signal and the time when + the processes are forcibly halted with + a kill signal. + + Set this value longer than the expected + cleanup time for your process. + + If this value is nil, the pod''s terminationGracePeriodSeconds + will be used. Otherwise, this + + value overrides the value provided by + the pod spec. + + Value must be non-negative integer. The + value zero indicates stop immediately + via + + the kill signal (no opportunity to shut + down). + + This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. + + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset.' format: int64 type: integer timeoutSeconds: - description: |- - Number of seconds after which the probe times out. - Defaults to 1 second. Minimum value is 1. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - format: int32 + description: 'Number of seconds after which + the probe times out. + + Defaults to 1 second. Minimum value is + 1. + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 type: integer type: object name: - description: |- - Name of the container specified as a DNS_LABEL. - Each container in a pod must have a unique name (DNS_LABEL). - Cannot be updated. + description: 'Name of the container specified + as a DNS_LABEL. + + Each container in a pod must have a unique + name (DNS_LABEL). + + Cannot be updated.' type: string ports: - description: |- - List of ports to expose from the container. Not specifying a port here - DOES NOT prevent that port from being exposed. Any port which is - listening on the default "0.0.0.0" address inside a container will be + description: 'List of ports to expose from the + container. Not specifying a port here + + DOES NOT prevent that port from being exposed. + Any port which is + + listening on the default "0.0.0.0" address + inside a container will be + accessible from the network. - Modifying this array with strategic merge patch may corrupt the data. + + Modifying this array with strategic merge + patch may corrupt the data. + For more information See https://github.com/kubernetes/kubernetes/issues/108255. - Cannot be updated. + + Cannot be updated.' items: description: ContainerPort represents a network port in a single container. properties: containerPort: - description: |- - Number of port to expose on the pod's IP address. - This must be a valid port number, 0 < x < 65536. + description: 'Number of port to expose + on the pod''s IP address. + + This must be a valid port number, 0 + < x < 65536.' format: int32 type: integer hostIP: @@ -14411,24 +19756,34 @@ spec: external port to. type: string hostPort: - description: |- - Number of port to expose on the host. - If specified, this must be a valid port number, 0 < x < 65536. - If HostNetwork is specified, this must match ContainerPort. - Most containers do not need this. + description: 'Number of port to expose + on the host. + + If specified, this must be a valid port + number, 0 < x < 65536. + + If HostNetwork is specified, this must + match ContainerPort. + + Most containers do not need this.' format: int32 type: integer name: - description: |- - If specified, this must be an IANA_SVC_NAME and unique within the pod. Each - named port in a pod must have a unique name. Name for the port that can be - referred to by services. + description: 'If specified, this must + be an IANA_SVC_NAME and unique within + the pod. Each + + named port in a pod must have a unique + name. Name for the port that can be + + referred to by services.' type: string protocol: default: TCP - description: |- - Protocol for port. Must be UDP, TCP, or SCTP. - Defaults to "TCP". + description: 'Protocol for port. Must + be UDP, TCP, or SCTP. + + Defaults to "TCP".' type: string required: - containerPort @@ -14439,31 +19794,49 @@ spec: - protocol x-kubernetes-list-type: map readinessProbe: - description: |- - Periodic probe of container service readiness. - Container will be removed from service endpoints if the probe fails. + description: 'Periodic probe of container service + readiness. + + Container will be removed from service endpoints + if the probe fails. + Cannot be updated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' properties: exec: description: Exec specifies the action to take. properties: command: - description: |- - Command is the command line to execute inside the container, the working directory for the - command is root ('/') in the container's filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use - a shell, you need to explicitly call out to that shell. - Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + description: 'Command is the command + line to execute inside the container, + the working directory for the + + command is root (''/'') in the container''s + filesystem. The command is simply + exec''d, it is + + not run inside a shell, so traditional + shell instructions (''|'', etc) won''t + work. To use + + a shell, you need to explicitly call + out to that shell. + + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy.' items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: - description: |- - Minimum consecutive failures for the probe to be considered failed after having succeeded. - Defaults to 3. Minimum value is 1. + description: 'Minimum consecutive failures + for the probe to be considered failed + after having succeeded. + + Defaults to 3. Minimum value is 1.' format: int32 type: integer grpc: @@ -14477,12 +19850,15 @@ spec: format: int32 type: integer service: - description: |- - Service is the name of the service to place in the gRPC HealthCheckRequest + description: 'Service is the name of + the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. + + If this is not specified, the default + behavior is defined by gRPC.' type: string required: - port @@ -14492,9 +19868,11 @@ spec: request to perform. properties: host: - description: |- - Host name to connect to, defaults to the pod IP. You probably want to set - "Host" in httpHeaders instead. + description: 'Host name to connect to, + defaults to the pod IP. You probably + want to set + + "Host" in httpHeaders instead.' type: string httpHeaders: description: Custom headers to set in @@ -14506,9 +19884,13 @@ spec: probes properties: name: - description: |- - The header field name. - This will be canonicalized upon output, so case-variant names will be understood as the same header. + description: 'The header field + name. + + This will be canonicalized upon + output, so case-variant names + will be understood as the same + header.' type: string value: description: The header field @@ -14519,6 +19901,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. @@ -14527,35 +19910,45 @@ spec: anyOf: - type: integer - type: string - description: |- - Name or number of the port to access on the container. + description: 'Name or number of the + port to access on the container. + Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true scheme: - description: |- - Scheme to use for connecting to the host. - Defaults to HTTP. + description: 'Scheme to use for connecting + to the host. + + Defaults to HTTP.' type: string required: - port type: object initialDelaySeconds: - description: |- - Number of seconds after the container has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + description: 'Number of seconds after the + container has started before liveness + probes are initiated. + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer periodSeconds: - description: |- - How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. + description: 'How often (in seconds) to + perform the probe. + + Default to 10 seconds. Minimum value is + 1.' format: int32 type: integer successThreshold: - description: |- - Minimum consecutive successes for the probe to be considered successful after having failed. - Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + description: 'Minimum consecutive successes + for the probe to be considered successful + after having failed. + + Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1.' format: int32 type: integer tcpSocket: @@ -14570,33 +19963,60 @@ spec: anyOf: - type: integer - type: string - description: |- - Number or name of the port to access on the container. + description: 'Number or name of the + port to access on the container. + Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: |- - Optional duration in seconds the pod needs to terminate gracefully upon probe failure. - The grace period is the duration in seconds after the processes running in the pod are sent - a termination signal and the time when the processes are forcibly halted with a kill signal. - Set this value longer than the expected cleanup time for your process. - If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this - value overrides the value provided by the pod spec. - Value must be non-negative integer. The value zero indicates stop immediately via - the kill signal (no opportunity to shut down). - This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. - Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + description: 'Optional duration in seconds + the pod needs to terminate gracefully + upon probe failure. + + The grace period is the duration in seconds + after the processes running in the pod + are sent + + a termination signal and the time when + the processes are forcibly halted with + a kill signal. + + Set this value longer than the expected + cleanup time for your process. + + If this value is nil, the pod''s terminationGracePeriodSeconds + will be used. Otherwise, this + + value overrides the value provided by + the pod spec. + + Value must be non-negative integer. The + value zero indicates stop immediately + via + + the kill signal (no opportunity to shut + down). + + This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. + + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset.' format: int64 type: integer timeoutSeconds: - description: |- - Number of seconds after which the probe times out. - Defaults to 1 second. Minimum value is 1. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + description: 'Number of seconds after which + the probe times out. + + Defaults to 1 second. Minimum value is + 1. + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer type: object @@ -14608,14 +20028,16 @@ spec: resource resize policy for the container. properties: resourceName: - description: |- - Name of the resource to which this resource resize policy applies. - Supported values: cpu, memory. + description: 'Name of the resource to + which this resource resize policy applies. + + Supported values: cpu, memory.' type: string restartPolicy: - description: |- - Restart policy to apply when specified resource is resized. - If not specified, it defaults to NotRequired. + description: 'Restart policy to apply + when specified resource is resized. + + If not specified, it defaults to NotRequired.' type: string required: - resourceName @@ -14624,31 +20046,43 @@ spec: type: array x-kubernetes-list-type: atomic resources: - description: |- - Compute Resources required by this container. + description: 'Compute Resources required by + this container. + Cannot be updated. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' properties: claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, + description: 'Claims lists the names of + resources, defined in spec.resourceClaims, + that are used by this container. - This is an alpha field and requires enabling the + + This is an alpha field and requires enabling + the + DynamicResourceAllocation feature gate. - This field is immutable. It can only be set for containers. + + This field is immutable. It can only be + set for containers.' items: description: ResourceClaim references one entry in PodSpec.ResourceClaims. properties: name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. + description: 'Name must match the + name of one entry in pod.spec.resourceClaims + of + + the Pod where this field is used. + It makes that resource available + + inside a container.' type: string required: - name @@ -14664,9 +20098,10 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + description: 'Limits describes the maximum + amount of compute resources allowed. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -14675,52 +20110,139 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + description: 'Requests describes the minimum + amount of compute resources required. + + If Requests is omitted for a container, + it defaults to Limits if that is explicitly + specified, + + otherwise to an implementation-defined + value. Requests cannot exceed Limits. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object restartPolicy: - description: |- - RestartPolicy defines the restart behavior of individual containers in a pod. - This field may only be set for init containers, and the only allowed value is "Always". - For non-init containers or when this field is not specified, - the restart behavior is defined by the Pod's restart policy and the container type. - Setting the RestartPolicy as "Always" for the init container will have the following effect: - this init container will be continually restarted on - exit until all regular containers have terminated. Once all regular - containers have completed, all init containers with restartPolicy "Always" - will be shut down. This lifecycle differs from normal init containers and - is often referred to as a "sidecar" container. Although this init - container still starts in the init container sequence, it does not wait - for the container to complete before proceeding to the next init - container. Instead, the next init container starts immediately after this - init container is started, or after any startupProbe has successfully - completed. + description: 'RestartPolicy defines the restart + behavior of individual containers in a pod. + + This field may only be set for init containers, + and the only allowed value is "Always". + + For non-init containers or when this field + is not specified, + + the restart behavior is defined by the Pod''s + restart policy and the container type. + + Setting the RestartPolicy as "Always" for + the init container will have the following + effect: + + this init container will be continually restarted + on + + exit until all regular containers have terminated. + Once all regular + + containers have completed, all init containers + with restartPolicy "Always" + + will be shut down. This lifecycle differs + from normal init containers and + + is often referred to as a "sidecar" container. + Although this init + + container still starts in the init container + sequence, it does not wait + + for the container to complete before proceeding + to the next init + + container. Instead, the next init container + starts immediately after this + + init container is started, or after any startupProbe + has successfully + + completed.' type: string securityContext: - description: |- - SecurityContext defines the security options the container should be run with. - If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. - More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + description: 'SecurityContext defines the security + options the container should be run with. + + If set, the fields of SecurityContext override + the equivalent fields of PodSecurityContext. + + More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' properties: allowPrivilegeEscalation: - description: |- - AllowPrivilegeEscalation controls whether a process can gain more - privileges than its parent process. This bool directly controls if - the no_new_privs flag will be set on the container process. - AllowPrivilegeEscalation is true always when the container is: + description: 'AllowPrivilegeEscalation controls + whether a process can gain more + + privileges than its parent process. This + bool directly controls if + + the no_new_privs flag will be set on the + container process. + + AllowPrivilegeEscalation is true always + when the container is: + 1) run as Privileged + 2) has CAP_SYS_ADMIN - Note that this field cannot be set when spec.os.name is windows. + + Note that this field cannot be set when + spec.os.name is windows.' type: boolean + appArmorProfile: + description: 'appArmorProfile is the AppArmor + options to use by this container. If set, + this profile + + overrides the pod''s appArmorProfile. + + Note that this field cannot be set when + spec.os.name is windows.' + properties: + localhostProfile: + description: 'localhostProfile indicates + a profile loaded on the node that + should be used. + + The profile must be preconfigured + on the node to work. + + Must match the loaded name of the + profile. + + Must be set if and only if type is + "Localhost".' + type: string + type: + description: "type indicates which kind\ + \ of AppArmor profile will be applied.\n\ + Valid options are:\n Localhost -\ + \ a profile pre-loaded on the node.\n\ + \ RuntimeDefault - the container\ + \ runtime's default profile.\n Unconfined\ + \ - no AppArmor enforcement." + type: string + required: + - type + type: object capabilities: - description: |- - The capabilities to add/drop when running containers. - Defaults to the default set of capabilities granted by the container runtime. - Note that this field cannot be set when spec.os.name is windows. + description: 'The capabilities to add/drop + when running containers. + + Defaults to the default set of capabilities + granted by the container runtime. + + Note that this field cannot be set when + spec.os.name is windows.' properties: add: description: Added capabilities @@ -14729,6 +20251,7 @@ spec: POSIX capabilities type type: string type: array + x-kubernetes-list-type: atomic drop: description: Removed capabilities items: @@ -14736,62 +20259,113 @@ spec: POSIX capabilities type type: string type: array + x-kubernetes-list-type: atomic type: object privileged: - description: |- - Run container in privileged mode. - Processes in privileged containers are essentially equivalent to root on the host. + description: 'Run container in privileged + mode. + + Processes in privileged containers are + essentially equivalent to root on the + host. + Defaults to false. - Note that this field cannot be set when spec.os.name is windows. + + Note that this field cannot be set when + spec.os.name is windows.' type: boolean procMount: - description: |- - procMount denotes the type of proc mount to use for the containers. - The default is DefaultProcMount which uses the container runtime defaults for + description: 'procMount denotes the type + of proc mount to use for the containers. + + The default is DefaultProcMount which + uses the container runtime defaults for + readonly paths and masked paths. - This requires the ProcMountType feature flag to be enabled. - Note that this field cannot be set when spec.os.name is windows. + + This requires the ProcMountType feature + flag to be enabled. + + Note that this field cannot be set when + spec.os.name is windows.' type: string readOnlyRootFilesystem: - description: |- - Whether this container has a read-only root filesystem. + description: 'Whether this container has + a read-only root filesystem. + Default is false. - Note that this field cannot be set when spec.os.name is windows. + + Note that this field cannot be set when + spec.os.name is windows.' type: boolean runAsGroup: - description: |- - The GID to run the entrypoint of the container process. + description: 'The GID to run the entrypoint + of the container process. + Uses runtime default if unset. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. + + May also be set in PodSecurityContext. If + set in both SecurityContext and + + PodSecurityContext, the value specified + in SecurityContext takes precedence. + + Note that this field cannot be set when + spec.os.name is windows.' format: int64 type: integer runAsNonRoot: - description: |- - Indicates that the container must run as a non-root user. - If true, the Kubelet will validate the image at runtime to ensure that it - does not run as UID 0 (root) and fail to start the container if it does. - If unset or false, no such validation will be performed. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. + description: 'Indicates that the container + must run as a non-root user. + + If true, the Kubelet will validate the + image at runtime to ensure that it + + does not run as UID 0 (root) and fail + to start the container if it does. + + If unset or false, no such validation + will be performed. + + May also be set in PodSecurityContext. If + set in both SecurityContext and + + PodSecurityContext, the value specified + in SecurityContext takes precedence.' type: boolean runAsUser: - description: |- - The UID to run the entrypoint of the container process. - Defaults to user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. + description: 'The UID to run the entrypoint + of the container process. + + Defaults to user specified in image metadata + if unspecified. + + May also be set in PodSecurityContext. If + set in both SecurityContext and + + PodSecurityContext, the value specified + in SecurityContext takes precedence. + + Note that this field cannot be set when + spec.os.name is windows.' format: int64 type: integer seLinuxOptions: - description: |- - The SELinux context to be applied to the container. - If unspecified, the container runtime will allocate a random SELinux context for each - container. May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is windows. + description: 'The SELinux context to be + applied to the container. + + If unspecified, the container runtime + will allocate a random SELinux context + for each + + container. May also be set in PodSecurityContext. If + set in both SecurityContext and + + PodSecurityContext, the value specified + in SecurityContext takes precedence. + + Note that this field cannot be set when + spec.os.name is windows.' properties: level: description: Level is SELinux level @@ -14811,44 +20385,76 @@ spec: type: string type: object seccompProfile: - description: |- - The seccomp options to use by this container. If seccomp options are - provided at both the pod & container level, the container options + description: 'The seccomp options to use + by this container. If seccomp options + are + + provided at both the pod & container level, + the container options + override the pod options. - Note that this field cannot be set when spec.os.name is windows. + + Note that this field cannot be set when + spec.os.name is windows.' properties: localhostProfile: - description: |- - localhostProfile indicates a profile defined in a file on the node should be used. - The profile must be preconfigured on the node to work. - Must be a descending path, relative to the kubelet's configured seccomp profile location. - Must be set if type is "Localhost". Must NOT be set for any other type. + description: 'localhostProfile indicates + a profile defined in a file on the + node should be used. + + The profile must be preconfigured + on the node to work. + + Must be a descending path, relative + to the kubelet''s configured seccomp + profile location. + + Must be set if type is "Localhost". + Must NOT be set for any other type.' type: string type: - description: |- - type indicates which kind of seccomp profile will be applied. + description: 'type indicates which kind + of seccomp profile will be applied. + Valid options are: - Localhost - a profile defined in a file on the node should be used. - RuntimeDefault - the container runtime default profile should be used. - Unconfined - no profile should be applied. + + Localhost - a profile defined in a + file on the node should be used. + + RuntimeDefault - the container runtime + default profile should be used. + + Unconfined - no profile should be + applied.' type: string required: - type type: object windowsOptions: - description: |- - The Windows specific settings applied to all containers. - If unspecified, the options from the PodSecurityContext will be used. - If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is linux. + description: 'The Windows specific settings + applied to all containers. + + If unspecified, the options from the PodSecurityContext + will be used. + + If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext + takes precedence. + + Note that this field cannot be set when + spec.os.name is linux.' properties: gmsaCredentialSpec: - description: |- - GMSACredentialSpec is where the GMSA admission webhook - (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the - GMSA credential spec named by the GMSACredentialSpecName field. + description: 'GMSACredentialSpec is + where the GMSA admission webhook + + (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the + + GMSA credential spec named by the + GMSACredentialSpecName field.' type: string gmsaCredentialSpecName: description: GMSACredentialSpecName @@ -14856,50 +20462,91 @@ spec: spec to use. type: string hostProcess: - description: |- - HostProcess determines if a container should be run as a 'Host Process' container. - All of a Pod's containers must have the same effective HostProcess value - (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). - In addition, if HostProcess is true then HostNetwork must also be set to true. + description: 'HostProcess determines + if a container should be run as a + ''Host Process'' container. + + All of a Pod''s containers must have + the same effective HostProcess value + + (it is not allowed to have a mix of + HostProcess containers and non-HostProcess + containers). + + In addition, if HostProcess is true + then HostNetwork must also be set + to true.' type: boolean runAsUserName: - description: |- - The UserName in Windows to run the entrypoint of the container process. - Defaults to the user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. + description: 'The UserName in Windows + to run the entrypoint of the container + process. + + Defaults to the user specified in + image metadata if unspecified. + + May also be set in PodSecurityContext. + If set in both SecurityContext and + + PodSecurityContext, the value specified + in SecurityContext takes precedence.' type: string type: object type: object startupProbe: - description: |- - StartupProbe indicates that the Pod has successfully initialized. - If specified, no other probes are executed until this completes successfully. - If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. - This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, - when it might take a long time to load data or warm a cache, than during steady-state operation. + description: 'StartupProbe indicates that the + Pod has successfully initialized. + + If specified, no other probes are executed + until this completes successfully. + + If this probe fails, the Pod will be restarted, + just as if the livenessProbe failed. + + This can be used to provide different probe + parameters at the beginning of a Pod''s lifecycle, + + when it might take a long time to load data + or warm a cache, than during steady-state + operation. + This cannot be updated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' properties: exec: description: Exec specifies the action to take. properties: command: - description: |- - Command is the command line to execute inside the container, the working directory for the - command is root ('/') in the container's filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use - a shell, you need to explicitly call out to that shell. - Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + description: 'Command is the command + line to execute inside the container, + the working directory for the + + command is root (''/'') in the container''s + filesystem. The command is simply + exec''d, it is + + not run inside a shell, so traditional + shell instructions (''|'', etc) won''t + work. To use + + a shell, you need to explicitly call + out to that shell. + + Exit status of 0 is treated as live/healthy + and non-zero is unhealthy.' items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: - description: |- - Minimum consecutive failures for the probe to be considered failed after having succeeded. - Defaults to 3. Minimum value is 1. + description: 'Minimum consecutive failures + for the probe to be considered failed + after having succeeded. + + Defaults to 3. Minimum value is 1.' format: int32 type: integer grpc: @@ -14913,12 +20560,15 @@ spec: format: int32 type: integer service: - description: |- - Service is the name of the service to place in the gRPC HealthCheckRequest + description: 'Service is the name of + the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - If this is not specified, the default behavior is defined by gRPC. + + If this is not specified, the default + behavior is defined by gRPC.' type: string required: - port @@ -14928,9 +20578,11 @@ spec: request to perform. properties: host: - description: |- - Host name to connect to, defaults to the pod IP. You probably want to set - "Host" in httpHeaders instead. + description: 'Host name to connect to, + defaults to the pod IP. You probably + want to set + + "Host" in httpHeaders instead.' type: string httpHeaders: description: Custom headers to set in @@ -14942,9 +20594,13 @@ spec: probes properties: name: - description: |- - The header field name. - This will be canonicalized upon output, so case-variant names will be understood as the same header. + description: 'The header field + name. + + This will be canonicalized upon + output, so case-variant names + will be understood as the same + header.' type: string value: description: The header field @@ -14955,6 +20611,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: description: Path to access on the HTTP server. @@ -14963,35 +20620,45 @@ spec: anyOf: - type: integer - type: string - description: |- - Name or number of the port to access on the container. + description: 'Name or number of the + port to access on the container. + Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true scheme: - description: |- - Scheme to use for connecting to the host. - Defaults to HTTP. + description: 'Scheme to use for connecting + to the host. + + Defaults to HTTP.' type: string required: - port type: object initialDelaySeconds: - description: |- - Number of seconds after the container has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + description: 'Number of seconds after the + container has started before liveness + probes are initiated. + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer periodSeconds: - description: |- - How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. + description: 'How often (in seconds) to + perform the probe. + + Default to 10 seconds. Minimum value is + 1.' format: int32 type: integer successThreshold: - description: |- - Minimum consecutive successes for the probe to be considered successful after having failed. - Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + description: 'Minimum consecutive successes + for the probe to be considered successful + after having failed. + + Defaults to 1. Must be 1 for liveness + and startup. Minimum value is 1.' format: int32 type: integer tcpSocket: @@ -15006,76 +20673,143 @@ spec: anyOf: - type: integer - type: string - description: |- - Number or name of the port to access on the container. + description: 'Number or name of the + port to access on the container. + Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. + + Name must be an IANA_SVC_NAME.' x-kubernetes-int-or-string: true required: - port type: object terminationGracePeriodSeconds: - description: |- - Optional duration in seconds the pod needs to terminate gracefully upon probe failure. - The grace period is the duration in seconds after the processes running in the pod are sent - a termination signal and the time when the processes are forcibly halted with a kill signal. - Set this value longer than the expected cleanup time for your process. - If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this - value overrides the value provided by the pod spec. - Value must be non-negative integer. The value zero indicates stop immediately via - the kill signal (no opportunity to shut down). - This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. - Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + description: 'Optional duration in seconds + the pod needs to terminate gracefully + upon probe failure. + + The grace period is the duration in seconds + after the processes running in the pod + are sent + + a termination signal and the time when + the processes are forcibly halted with + a kill signal. + + Set this value longer than the expected + cleanup time for your process. + + If this value is nil, the pod''s terminationGracePeriodSeconds + will be used. Otherwise, this + + value overrides the value provided by + the pod spec. + + Value must be non-negative integer. The + value zero indicates stop immediately + via + + the kill signal (no opportunity to shut + down). + + This is a beta field and requires enabling + ProbeTerminationGracePeriod feature gate. + + Minimum value is 1. spec.terminationGracePeriodSeconds + is used if unset.' format: int64 type: integer timeoutSeconds: - description: |- - Number of seconds after which the probe times out. - Defaults to 1 second. Minimum value is 1. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + description: 'Number of seconds after which + the probe times out. + + Defaults to 1 second. Minimum value is + 1. + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer type: object stdin: - description: |- - Whether this container should allocate a buffer for stdin in the container runtime. If this - is not set, reads from stdin in the container will always result in EOF. - Default is false. + description: 'Whether this container should + allocate a buffer for stdin in the container + runtime. If this + + is not set, reads from stdin in the container + will always result in EOF. + + Default is false.' type: boolean stdinOnce: - description: |- - Whether the container runtime should close the stdin channel after it has been opened by - a single attach. When stdin is true the stdin stream will remain open across multiple attach - sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the - first client attaches to stdin, and then remains open and accepts data until the client disconnects, - at which time stdin is closed and remains closed until the container is restarted. If this - flag is false, a container processes that reads from stdin will never receive an EOF. - Default is false + description: 'Whether the container runtime + should close the stdin channel after it has + been opened by + + a single attach. When stdin is true the stdin + stream will remain open across multiple attach + + sessions. If stdinOnce is set to true, stdin + is opened on container start, is empty until + the + + first client attaches to stdin, and then remains + open and accepts data until the client disconnects, + + at which time stdin is closed and remains + closed until the container is restarted. If + this + + flag is false, a container processes that + reads from stdin will never receive an EOF. + + Default is false' type: boolean terminationMessagePath: - description: |- - Optional: Path at which the file to which the container's termination message - will be written is mounted into the container's filesystem. - Message written is intended to be brief final status, such as an assertion failure message. - Will be truncated by the node if greater than 4096 bytes. The total message length across + description: 'Optional: Path at which the file + to which the container''s termination message + + will be written is mounted into the container''s + filesystem. + + Message written is intended to be brief final + status, such as an assertion failure message. + + Will be truncated by the node if greater than + 4096 bytes. The total message length across + all containers will be limited to 12kb. + Defaults to /dev/termination-log. - Cannot be updated. + + Cannot be updated.' type: string terminationMessagePolicy: - description: |- - Indicate how the termination message should be populated. File will use the contents of - terminationMessagePath to populate the container status message on both success and failure. - FallbackToLogsOnError will use the last chunk of container log output if the termination - message file is empty and the container exited with an error. - The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + description: 'Indicate how the termination message + should be populated. File will use the contents + of + + terminationMessagePath to populate the container + status message on both success and failure. + + FallbackToLogsOnError will use the last chunk + of container log output if the termination + + message file is empty and the container exited + with an error. + + The log output is limited to 2048 bytes or + 80 lines, whichever is smaller. + Defaults to File. - Cannot be updated. + + Cannot be updated.' type: string tty: - description: |- - Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. - Default is false. + description: 'Whether this container should + allocate a TTY for itself, also requires ''stdin'' + to be true. + + Default is false.' type: boolean volumeDevices: description: volumeDevices is the list of block @@ -15098,117 +20832,243 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - devicePath + x-kubernetes-list-type: map volumeMounts: - description: |- - Pod volumes to mount into the container's filesystem. - Cannot be updated. + description: 'Pod volumes to mount into the + container''s filesystem. + + Cannot be updated.' items: description: VolumeMount describes a mounting of a Volume within a container. properties: mountPath: - description: |- - Path within the container at which the volume should be mounted. Must - not contain ':'. + description: 'Path within the container + at which the volume should be mounted. Must + + not contain '':''.' type: string mountPropagation: - description: |- - mountPropagation determines how mounts are propagated from the host + description: 'mountPropagation determines + how mounts are propagated from the host + to container and the other way around. - When not set, MountPropagationNone is used. + + When not set, MountPropagationNone is + used. + This field is beta in 1.10. + + When RecursiveReadOnly is set to IfPossible + or to Enabled, MountPropagation must + be None or unspecified + + (which defaults to None).' type: string name: description: This must match the Name of a Volume. type: string readOnly: - description: |- - Mounted read-only if true, read-write otherwise (false or unspecified). - Defaults to false. + description: 'Mounted read-only if true, + read-write otherwise (false or unspecified). + + Defaults to false.' type: boolean + recursiveReadOnly: + description: 'RecursiveReadOnly specifies + whether read-only mounts should be handled + + recursively. + + + + If ReadOnly is false, this field has + no meaning and must be unspecified. + + + + If ReadOnly is true, and this field + is set to Disabled, the mount is not + made + + recursively read-only. If this field + is set to IfPossible, the mount is made + + recursively read-only, if it is supported + by the container runtime. If this + + field is set to Enabled, the mount is + made recursively read-only if it is + + supported by the container runtime, + otherwise the pod will not be started + and + + an error will be generated to indicate + the reason. + + + + If this field is set to IfPossible or + Enabled, MountPropagation must be set + to + + None (or be unspecified, which defaults + to None). + + + + If this field is not specified, it is + treated as an equivalent of Disabled.' + type: string subPath: - description: |- - Path within the volume from which the container's volume should be mounted. - Defaults to "" (volume's root). + description: 'Path within the volume from + which the container''s volume should + be mounted. + + Defaults to "" (volume''s root).' type: string subPathExpr: - description: |- - Expanded path within the volume from which the container's volume should be mounted. - Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. - Defaults to "" (volume's root). - SubPathExpr and SubPath are mutually exclusive. + description: 'Expanded path within the + volume from which the container''s volume + should be mounted. + + Behaves similarly to SubPath but environment + variable references $(VAR_NAME) are + expanded using the container''s environment. + + Defaults to "" (volume''s root). + + SubPathExpr and SubPath are mutually + exclusive.' type: string required: - mountPath - name type: object type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map workingDir: - description: |- - Container's working directory. - If not specified, the container runtime's default will be used, which + description: 'Container''s working directory. + + If not specified, the container runtime''s + default will be used, which + might be configured in the container image. - Cannot be updated. + + Cannot be updated.' type: string required: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map nodeName: - description: |- - NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - the scheduler simply schedules this pod onto that node, assuming that it fits resource - requirements. + description: 'NodeName is a request to schedule this + pod onto a specific node. If it is non-empty, + + the scheduler simply schedules this pod onto that + node, assuming that it fits resource + + requirements.' type: string nodeSelector: additionalProperties: type: string - description: |- - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that node. - More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + description: 'NodeSelector is a selector which must + be true for the pod to fit on a node. + + Selector which must match a node''s labels for the + pod to be scheduled on that node. + + More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' type: object x-kubernetes-map-type: atomic os: - description: |- - Specifies the OS of the containers in the pod. - Some pod and container fields are restricted if this is set. + description: 'Specifies the OS of the containers in + the pod. + Some pod and container fields are restricted if + this is set. + + + + If the OS field is set to linux, the following fields + must be unset: - If the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions - If the OS field is set to windows, following fields must be unset: + + If the OS field is set to windows, following fields + must be unset: + - spec.hostPID + - spec.hostIPC + - spec.hostUsers + + - spec.securityContext.appArmorProfile + - spec.securityContext.seLinuxOptions + - spec.securityContext.seccompProfile + - spec.securityContext.fsGroup + - spec.securityContext.fsGroupChangePolicy + - spec.securityContext.sysctls + - spec.shareProcessNamespace + - spec.securityContext.runAsUser + - spec.securityContext.runAsGroup + - spec.securityContext.supplementalGroups + + - spec.containers[*].securityContext.appArmorProfile + - spec.containers[*].securityContext.seLinuxOptions + - spec.containers[*].securityContext.seccompProfile + - spec.containers[*].securityContext.capabilities + - spec.containers[*].securityContext.readOnlyRootFilesystem + - spec.containers[*].securityContext.privileged + - spec.containers[*].securityContext.allowPrivilegeEscalation + - spec.containers[*].securityContext.procMount + - spec.containers[*].securityContext.runAsUser - - spec.containers[*].securityContext.runAsGroup + + - spec.containers[*].securityContext.runAsGroup' properties: name: - description: |- - Name is the name of the operating system. The currently supported values are linux and windows. - Additional value may be defined in future and can be one of: + description: 'Name is the name of the operating + system. The currently supported values are linux + and windows. + + Additional value may be defined in future and + can be one of: + https://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration - Clients should expect to handle additional values and treat unrecognized values in this field as os: null + + Clients should expect to handle additional values + and treat unrecognized values in this field + as os: null' type: string required: - name @@ -15220,45 +21080,78 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: |- - Overhead represents the resource overhead associated with running a pod for a given RuntimeClass. - This field will be autopopulated at admission time by the RuntimeClass admission controller. If - the RuntimeClass admission controller is enabled, overhead must not be set in Pod create requests. - The RuntimeClass admission controller will reject Pod create requests which have the overhead already - set. If RuntimeClass is configured and selected in the PodSpec, Overhead will be set to the value - defined in the corresponding RuntimeClass, otherwise it will remain unset and treated as zero. - More info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md + description: 'Overhead represents the resource overhead + associated with running a pod for a given RuntimeClass. + + This field will be autopopulated at admission time + by the RuntimeClass admission controller. If + + the RuntimeClass admission controller is enabled, + overhead must not be set in Pod create requests. + + The RuntimeClass admission controller will reject + Pod create requests which have the overhead already + + set. If RuntimeClass is configured and selected + in the PodSpec, Overhead will be set to the value + + defined in the corresponding RuntimeClass, otherwise + it will remain unset and treated as zero. + + More info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md' type: object preemptionPolicy: - description: |- - PreemptionPolicy is the Policy for preempting pods with lower priority. + description: 'PreemptionPolicy is the Policy for preempting + pods with lower priority. + One of Never, PreemptLowerPriority. - Defaults to PreemptLowerPriority if unset. + + Defaults to PreemptLowerPriority if unset.' type: string priority: - description: |- - The priority value. Various system components use this field to find the - priority of the pod. When Priority Admission Controller is enabled, it - prevents users from setting this field. The admission controller populates + description: 'The priority value. Various system components + use this field to find the + + priority of the pod. When Priority Admission Controller + is enabled, it + + prevents users from setting this field. The admission + controller populates + this field from PriorityClassName. - The higher the value, the higher the priority. + + The higher the value, the higher the priority.' format: int32 type: integer priorityClassName: - description: |- - If specified, indicates the pod's priority. "system-node-critical" and - "system-cluster-critical" are two special keywords which indicate the - highest priorities with the former being the highest priority. Any other - name must be defined by creating a PriorityClass object with that name. - If not specified, the pod priority will be default or zero if there is no - default. + description: 'If specified, indicates the pod''s priority. + "system-node-critical" and + + "system-cluster-critical" are two special keywords + which indicate the + + highest priorities with the former being the highest + priority. Any other + + name must be defined by creating a PriorityClass + object with that name. + + If not specified, the pod priority will be default + or zero if there is no + + default.' type: string readinessGates: - description: |- - If specified, all readiness gates will be evaluated for pod readiness. - A pod is ready when all its containers are ready AND - all conditions specified in the readiness gates have status equal to "True" - More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates + description: 'If specified, all readiness gates will + be evaluated for pod readiness. + + A pod is ready when all its containers are ready + AND + + all conditions specified in the readiness gates + have status equal to "True" + + More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates' items: description: PodReadinessGate contains the reference to a pod condition @@ -15272,55 +21165,86 @@ spec: - conditionType type: object type: array + x-kubernetes-list-type: atomic resourceClaims: - description: |- - ResourceClaims defines which ResourceClaims must be allocated - and reserved before the Pod is allowed to start. The resources - will be made available to those containers which consume them + description: 'ResourceClaims defines which ResourceClaims + must be allocated + + and reserved before the Pod is allowed to start. + The resources + + will be made available to those containers which + consume them + by name. + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. - This field is immutable. + + This field is immutable.' items: - description: |- - PodResourceClaim references exactly one ResourceClaim through a ClaimSource. - It adds a name to it that uniquely identifies the ResourceClaim inside the Pod. - Containers that need access to the ResourceClaim reference it with this name. + description: 'PodResourceClaim references exactly + one ResourceClaim through a ClaimSource. + + It adds a name to it that uniquely identifies + the ResourceClaim inside the Pod. + + Containers that need access to the ResourceClaim + reference it with this name.' properties: name: - description: |- - Name uniquely identifies this resource claim inside the pod. - This must be a DNS_LABEL. + description: 'Name uniquely identifies this + resource claim inside the pod. + + This must be a DNS_LABEL.' type: string source: description: Source describes where to find the ResourceClaim. properties: resourceClaimName: - description: |- - ResourceClaimName is the name of a ResourceClaim object in the same - namespace as this pod. + description: 'ResourceClaimName is the name + of a ResourceClaim object in the same + + namespace as this pod.' type: string resourceClaimTemplateName: - description: |- - ResourceClaimTemplateName is the name of a ResourceClaimTemplate + description: 'ResourceClaimTemplateName + is the name of a ResourceClaimTemplate + object in the same namespace as this pod. - The template will be used to create a new ResourceClaim, which will - be bound to this pod. When this pod is deleted, the ResourceClaim - will also be deleted. The pod name and resource name, along with a - generated component, will be used to form a unique name for the - ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. + The template will be used to create a + new ResourceClaim, which will + + be bound to this pod. When this pod is + deleted, the ResourceClaim + + will also be deleted. The pod name and + resource name, along with a + + generated component, will be used to form + a unique name for the + + ResourceClaim, which will be recorded + in pod.status.resourceClaimStatuses. + + + + This field is immutable and no changes + will be made to the - This field is immutable and no changes will be made to the - corresponding ResourceClaim by the control plane after creating the - ResourceClaim. + corresponding ResourceClaim by the control + plane after creating the + + ResourceClaim.' type: string type: object required: @@ -15331,44 +21255,61 @@ spec: - name x-kubernetes-list-type: map restartPolicy: - description: |- - Restart policy for all containers within the pod. - One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted. + description: 'Restart policy for all containers within + the pod. + + One of Always, OnFailure, Never. In some contexts, + only a subset of those values may be permitted. + Default to Always. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy' type: string runtimeClassName: - description: |- - RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used - to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. - If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an + description: 'RuntimeClassName refers to a RuntimeClass + object in the node.k8s.io group, which should be + used + + to run this pod. If no RuntimeClass resource matches + the named class, the pod will not be run. + + If unset or empty, the "legacy" RuntimeClass will + be used, which is an implicit class with an + empty definition that uses the default runtime handler. - More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class + + More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class' type: string schedulerName: - description: |- - If specified, the pod will be dispatched by specified scheduler. - If not specified, the pod will be dispatched by default scheduler. + description: 'If specified, the pod will be dispatched + by specified scheduler. + + If not specified, the pod will be dispatched by + default scheduler.' type: string schedulingGates: - description: |- - SchedulingGates is an opaque list of values that if specified will block scheduling the pod. - If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the - scheduler will not attempt to schedule the pod. + description: 'SchedulingGates is an opaque list of + values that if specified will block scheduling the + pod. + If schedulingGates is not empty, the pod will stay + in the SchedulingGated state and the + + scheduler will not attempt to schedule the pod. - SchedulingGates can only be set at pod creation time, and be removed only afterwards. - This is a beta feature enabled by the PodSchedulingReadiness feature gate. + SchedulingGates can only be set at pod creation + time, and be removed only afterwards.' items: description: PodSchedulingGate is associated to a Pod to guard its scheduling. properties: name: - description: |- - Name of the scheduling gate. - Each scheduling gate must have a unique name field. + description: 'Name of the scheduling gate. + + Each scheduling gate must have a unique name + field.' type: string required: - name @@ -15378,73 +21319,164 @@ spec: - name x-kubernetes-list-type: map securityContext: - description: |- - SecurityContext holds pod-level security attributes and common container settings. - Optional: Defaults to empty. See type description for default values of each field. + description: 'SecurityContext holds pod-level security + attributes and common container settings. + + Optional: Defaults to empty. See type description + for default values of each field.' properties: + appArmorProfile: + description: 'appArmorProfile is the AppArmor + options to use by the containers in this pod. + + Note that this field cannot be set when spec.os.name + is windows.' + properties: + localhostProfile: + description: 'localhostProfile indicates a + profile loaded on the node that should be + used. + + The profile must be preconfigured on the + node to work. + + Must match the loaded name of the profile. + + Must be set if and only if type is "Localhost".' + type: string + type: + description: "type indicates which kind of\ + \ AppArmor profile will be applied.\nValid\ + \ options are:\n Localhost - a profile\ + \ pre-loaded on the node.\n RuntimeDefault\ + \ - the container runtime's default profile.\n\ + \ Unconfined - no AppArmor enforcement." + type: string + required: + - type + type: object fsGroup: - description: |- - A special supplemental group that applies to all containers in a pod. - Some volume types allow the Kubelet to change the ownership of that volume + description: 'A special supplemental group that + applies to all containers in a pod. + + Some volume types allow the Kubelet to change + the ownership of that volume + to be owned by the pod: + 1. The owning GID will be the FSGroup - 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) - 3. The permission bits are OR'd with rw-rw---- + + 2. The setgid bit is set (new files created + in the volume will be owned by FSGroup) + + 3. The permission bits are OR''d with rw-rw---- + - If unset, the Kubelet will not modify the ownership and permissions of any volume. - Note that this field cannot be set when spec.os.name is windows. + If unset, the Kubelet will not modify the ownership + and permissions of any volume. + + Note that this field cannot be set when spec.os.name + is windows.' format: int64 type: integer fsGroupChangePolicy: - description: |- - fsGroupChangePolicy defines behavior of changing ownership and permission of the volume - before being exposed inside Pod. This field will only apply to - volume types which support fsGroup based ownership(and permissions). - It will have no effect on ephemeral volume types such as: secret, configmaps + description: 'fsGroupChangePolicy defines behavior + of changing ownership and permission of the + volume + + before being exposed inside Pod. This field + will only apply to + + volume types which support fsGroup based ownership(and + permissions). + + It will have no effect on ephemeral volume types + such as: secret, configmaps + and emptydir. - Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. - Note that this field cannot be set when spec.os.name is windows. + + Valid values are "OnRootMismatch" and "Always". + If not specified, "Always" is used. + + Note that this field cannot be set when spec.os.name + is windows.' type: string runAsGroup: - description: |- - The GID to run the entrypoint of the container process. + description: 'The GID to run the entrypoint of + the container process. + Uses runtime default if unset. - May also be set in SecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence + + May also be set in SecurityContext. If set + in both SecurityContext and + + PodSecurityContext, the value specified in SecurityContext + takes precedence + for that container. - Note that this field cannot be set when spec.os.name is windows. + + Note that this field cannot be set when spec.os.name + is windows.' format: int64 type: integer runAsNonRoot: - description: |- - Indicates that the container must run as a non-root user. - If true, the Kubelet will validate the image at runtime to ensure that it - does not run as UID 0 (root) and fail to start the container if it does. - If unset or false, no such validation will be performed. - May also be set in SecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. + description: 'Indicates that the container must + run as a non-root user. + + If true, the Kubelet will validate the image + at runtime to ensure that it + + does not run as UID 0 (root) and fail to start + the container if it does. + + If unset or false, no such validation will be + performed. + + May also be set in SecurityContext. If set + in both SecurityContext and + + PodSecurityContext, the value specified in SecurityContext + takes precedence.' type: boolean runAsUser: - description: |- - The UID to run the entrypoint of the container process. - Defaults to user specified in image metadata if unspecified. - May also be set in SecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence + description: 'The UID to run the entrypoint of + the container process. + + Defaults to user specified in image metadata + if unspecified. + + May also be set in SecurityContext. If set + in both SecurityContext and + + PodSecurityContext, the value specified in SecurityContext + takes precedence + for that container. - Note that this field cannot be set when spec.os.name is windows. + + Note that this field cannot be set when spec.os.name + is windows.' format: int64 type: integer seLinuxOptions: - description: |- - The SELinux context to be applied to all containers. - If unspecified, the container runtime will allocate a random SELinux context for each - container. May also be set in SecurityContext. If set in - both SecurityContext and PodSecurityContext, the value specified in SecurityContext + description: 'The SELinux context to be applied + to all containers. + + If unspecified, the container runtime will allocate + a random SELinux context for each + + container. May also be set in SecurityContext. If + set in + + both SecurityContext and PodSecurityContext, + the value specified in SecurityContext + takes precedence for that container. - Note that this field cannot be set when spec.os.name is windows. + + Note that this field cannot be set when spec.os.name + is windows.' properties: level: description: Level is SELinux level label @@ -15464,48 +21496,79 @@ spec: type: string type: object seccompProfile: - description: |- - The seccomp options to use by the containers in this pod. - Note that this field cannot be set when spec.os.name is windows. + description: 'The seccomp options to use by the + containers in this pod. + + Note that this field cannot be set when spec.os.name + is windows.' properties: localhostProfile: - description: |- - localhostProfile indicates a profile defined in a file on the node should be used. - The profile must be preconfigured on the node to work. - Must be a descending path, relative to the kubelet's configured seccomp profile location. - Must be set if type is "Localhost". Must NOT be set for any other type. + description: 'localhostProfile indicates a + profile defined in a file on the node should + be used. + + The profile must be preconfigured on the + node to work. + + Must be a descending path, relative to the + kubelet''s configured seccomp profile location. + + Must be set if type is "Localhost". Must + NOT be set for any other type.' type: string type: - description: |- - type indicates which kind of seccomp profile will be applied. + description: 'type indicates which kind of + seccomp profile will be applied. + Valid options are: - Localhost - a profile defined in a file on the node should be used. - RuntimeDefault - the container runtime default profile should be used. - Unconfined - no profile should be applied. + + Localhost - a profile defined in a file + on the node should be used. + + RuntimeDefault - the container runtime default + profile should be used. + + Unconfined - no profile should be applied.' type: string required: - type type: object supplementalGroups: - description: |- - A list of groups applied to the first process run in each container, in addition - to the container's primary GID, the fsGroup (if specified), and group memberships - defined in the container image for the uid of the container process. If unspecified, - no additional groups are added to any container. Note that group memberships - defined in the container image for the uid of the container process are still effective, + description: 'A list of groups applied to the + first process run in each container, in addition + + to the container''s primary GID, the fsGroup + (if specified), and group memberships + + defined in the container image for the uid of + the container process. If unspecified, + + no additional groups are added to any container. + Note that group memberships + + defined in the container image for the uid of + the container process are still effective, + even if they are not included in this list. - Note that this field cannot be set when spec.os.name is windows. + + Note that this field cannot be set when spec.os.name + is windows.' items: format: int64 type: integer type: array + x-kubernetes-list-type: atomic sysctls: - description: |- - Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported - sysctls (by the container runtime) might fail to launch. - Note that this field cannot be set when spec.os.name is windows. + description: 'Sysctls hold a list of namespaced + sysctls used for the pod. Pods with unsupported + + sysctls (by the container runtime) might fail + to launch. + + Note that this field cannot be set when spec.os.name + is windows.' items: description: Sysctl defines a kernel parameter to be set @@ -15521,299 +21584,518 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic windowsOptions: - description: |- - The Windows specific settings applied to all containers. - If unspecified, the options within a container's SecurityContext will be used. - If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - Note that this field cannot be set when spec.os.name is linux. + description: 'The Windows specific settings applied + to all containers. + + If unspecified, the options within a container''s + SecurityContext will be used. + + If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes + precedence. + + Note that this field cannot be set when spec.os.name + is linux.' properties: gmsaCredentialSpec: - description: |- - GMSACredentialSpec is where the GMSA admission webhook - (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the - GMSA credential spec named by the GMSACredentialSpecName field. + description: 'GMSACredentialSpec is where + the GMSA admission webhook + + (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the + + GMSA credential spec named by the GMSACredentialSpecName + field.' type: string gmsaCredentialSpecName: description: GMSACredentialSpecName is the name of the GMSA credential spec to use. type: string hostProcess: - description: |- - HostProcess determines if a container should be run as a 'Host Process' container. - All of a Pod's containers must have the same effective HostProcess value - (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). - In addition, if HostProcess is true then HostNetwork must also be set to true. + description: 'HostProcess determines if a + container should be run as a ''Host Process'' + container. + + All of a Pod''s containers must have the + same effective HostProcess value + + (it is not allowed to have a mix of HostProcess + containers and non-HostProcess containers). + + In addition, if HostProcess is true then + HostNetwork must also be set to true.' type: boolean runAsUserName: - description: |- - The UserName in Windows to run the entrypoint of the container process. - Defaults to the user specified in image metadata if unspecified. - May also be set in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext takes precedence. + description: 'The UserName in Windows to run + the entrypoint of the container process. + + Defaults to the user specified in image + metadata if unspecified. + + May also be set in PodSecurityContext. If + set in both SecurityContext and + + PodSecurityContext, the value specified + in SecurityContext takes precedence.' type: string type: object type: object serviceAccount: - description: |- - DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. - Deprecated: Use serviceAccountName instead. + description: 'DeprecatedServiceAccount is a deprecated + alias for ServiceAccountName. + + Deprecated: Use serviceAccountName instead.' type: string serviceAccountName: - description: |- - ServiceAccountName is the name of the ServiceAccount to use to run this pod. - More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ + description: 'ServiceAccountName is the name of the + ServiceAccount to use to run this pod. + + More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/' type: string setHostnameAsFQDN: - description: |- - If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default). - In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname). - In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters to FQDN. + description: 'If true the pod''s hostname will be + configured as the pod''s FQDN, rather than the leaf + name (the default). + + In Linux containers, this means setting the FQDN + in the hostname field of the kernel (the nodename + field of struct utsname). + + In Windows containers, this means setting the registry + value of hostname for the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters + to FQDN. + If a pod does not have FQDN, this has no effect. - Default to false. + + Default to false.' type: boolean shareProcessNamespace: - description: |- - Share a single process namespace between all of the containers in a pod. - When this is set containers will be able to view and signal processes from other containers - in the same pod, and the first process in each container will not be assigned PID 1. - HostPID and ShareProcessNamespace cannot both be set. - Optional: Default to false. + description: 'Share a single process namespace between + all of the containers in a pod. + + When this is set containers will be able to view + and signal processes from other containers + + in the same pod, and the first process in each container + will not be assigned PID 1. + + HostPID and ShareProcessNamespace cannot both be + set. + + Optional: Default to false.' type: boolean subdomain: - description: |- - If specified, the fully qualified Pod hostname will be "...svc.". - If not specified, the pod will not have a domainname at all. + description: 'If specified, the fully qualified Pod + hostname will be "...svc.". + + If not specified, the pod will not have a domainname + at all.' type: string terminationGracePeriodSeconds: - description: |- - Optional duration in seconds the pod needs to terminate gracefully. May be decreased in delete request. - Value must be non-negative integer. The value zero indicates stop immediately via + description: 'Optional duration in seconds the pod + needs to terminate gracefully. May be decreased + in delete request. + + Value must be non-negative integer. The value zero + indicates stop immediately via + the kill signal (no opportunity to shut down). - If this value is nil, the default grace period will be used instead. - The grace period is the duration in seconds after the processes running in the pod are sent - a termination signal and the time when the processes are forcibly halted with a kill signal. - Set this value longer than the expected cleanup time for your process. - Defaults to 30 seconds. + + If this value is nil, the default grace period will + be used instead. + + The grace period is the duration in seconds after + the processes running in the pod are sent + + a termination signal and the time when the processes + are forcibly halted with a kill signal. + + Set this value longer than the expected cleanup + time for your process. + + Defaults to 30 seconds.' format: int64 type: integer tolerations: description: If specified, the pod's tolerations. items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . + description: 'The pod this Toleration is attached + to tolerates any taint that matches + + the triple using the matching + operator .' properties: effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + description: 'Effect indicates the taint effect + to match. Empty means match all taint effects. + + When specified, allowed values are NoSchedule, + PreferNoSchedule and NoExecute.' type: string key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. + description: 'Key is the taint key that the + toleration applies to. Empty means match all + taint keys. + + If the key is empty, operator must be Exists; + this combination means to match all values + and all keys.' type: string operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. + description: 'Operator represents a key''s relationship + to the value. + + Valid operators are Exists and Equal. Defaults + to Equal. + + Exists is equivalent to wildcard for value, + so that a pod can + + tolerate all taints of a particular category.' type: string tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. + description: 'TolerationSeconds represents the + period of time the toleration (which must + be + + of effect NoExecute, otherwise this field + is ignored) tolerates the taint. By default, + + it is not set, which means tolerate the taint + forever (do not evict). Zero and + + negative values will be treated as 0 (evict + immediately) by the system.' format: int64 type: integer value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. + description: 'Value is the taint value the toleration + matches to. + + If the operator is Exists, the value should + be empty, otherwise just a regular string.' type: string type: object type: array + x-kubernetes-list-type: atomic topologySpreadConstraints: - description: |- - TopologySpreadConstraints describes how a group of pods ought to spread across topology - domains. Scheduler will schedule pods in a way which abides by the constraints. - All topologySpreadConstraints are ANDed. + description: 'TopologySpreadConstraints describes + how a group of pods ought to spread across topology + + domains. Scheduler will schedule pods in a way which + abides by the constraints. + + All topologySpreadConstraints are ANDed.' items: description: TopologySpreadConstraint specifies how to spread matching pods among the given topology. properties: labelSelector: - description: |- - LabelSelector is used to find matching pods. - Pods that match this label selector are counted to determine the number of pods - in their corresponding topology domain. + description: 'LabelSelector is used to find + matching pods. + + Pods that match this label selector are counted + to determine the number of pods + + in their corresponding topology domain.' properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. + description: 'A label selector requirement + is a selector that contains values, + a key, and an operator that + + relates the key and values.' properties: key: description: key is the label key that the selector applies to. type: string operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. + description: 'operator represents + a key''s relationship to a set of + values. + + Valid operators are In, NotIn, Exists + and DoesNotExist.' type: string values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. + description: 'values is an array of + string values. If the operator is + In or NotIn, + + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + + the values array must be empty. + This array is replaced during a + strategic + + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. + description: 'matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + + map is equivalent to an element of matchExpressions, + whose key field is "key", the + + operator is "In", and the values array + contains only "value". The requirements + are ANDed.' type: object type: object x-kubernetes-map-type: atomic matchLabelKeys: - description: |- - MatchLabelKeys is a set of pod label keys to select the pods over which - spreading will be calculated. The keys are used to lookup values from the - incoming pod labels, those key-value labels are ANDed with labelSelector - to select the group of existing pods over which spreading will be calculated - for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - MatchLabelKeys cannot be set when LabelSelector isn't set. - Keys that don't exist in the incoming pod labels will - be ignored. A null or empty list means only match against labelSelector. - - - This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + description: 'MatchLabelKeys is a set of pod + label keys to select the pods over which + + spreading will be calculated. The keys are + used to lookup values from the + + incoming pod labels, those key-value labels + are ANDed with labelSelector + + to select the group of existing pods over + which spreading will be calculated + + for the incoming pod. The same key is forbidden + to exist in both MatchLabelKeys and LabelSelector. + + MatchLabelKeys cannot be set when LabelSelector + isn''t set. + + Keys that don''t exist in the incoming pod + labels will + + be ignored. A null or empty list means only + match against labelSelector. + + + + This is a beta field and requires the MatchLabelKeysInPodTopologySpread + feature gate to be enabled (enabled by default).' items: type: string type: array x-kubernetes-list-type: atomic maxSkew: - description: |- - MaxSkew describes the degree to which pods may be unevenly distributed. - When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference - between the number of matching pods in the target topology and the global minimum. - The global minimum is the minimum number of matching pods in an eligible domain - or zero if the number of eligible domains is less than MinDomains. - For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + description: 'MaxSkew describes the degree to + which pods may be unevenly distributed. + + When `whenUnsatisfiable=DoNotSchedule`, it + is the maximum permitted difference + + between the number of matching pods in the + target topology and the global minimum. + + The global minimum is the minimum number of + matching pods in an eligible domain + + or zero if the number of eligible domains + is less than MinDomains. + + For example, in a 3-zone cluster, MaxSkew + is set to 1, and pods with the same + labelSelector spread as 2/2/1: + In this case, the global minimum is 1. + | zone1 | zone2 | zone3 | + | P P | P P | P | - - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; - scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + + - if MaxSkew is 1, incoming pod can only be + scheduled to zone3 to become 2/2/2; + + scheduling it onto zone1(zone2) would make + the ActualSkew(3-1) on zone1(zone2) + violate MaxSkew(1). - - if MaxSkew is 2, incoming pod can be scheduled onto any zone. - When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + + - if MaxSkew is 2, incoming pod can be scheduled + onto any zone. + + When `whenUnsatisfiable=ScheduleAnyway`, it + is used to give higher precedence + to topologies that satisfy it. - It's a required field. Default value is 1 and 0 is not allowed. + + It''s a required field. Default value is 1 + and 0 is not allowed.' format: int32 type: integer minDomains: - description: |- - MinDomains indicates a minimum number of eligible domains. - When the number of eligible domains with matching topology keys is less than minDomains, - Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. - And when the number of eligible domains with matching topology keys equals or greater than minDomains, + description: 'MinDomains indicates a minimum + number of eligible domains. + + When the number of eligible domains with matching + topology keys is less than minDomains, + + Pod Topology Spread treats "global minimum" + as 0, and then the calculation of Skew is + performed. + + And when the number of eligible domains with + matching topology keys equals or greater than + minDomains, + this value has no effect on scheduling. - As a result, when the number of eligible domains is less than minDomains, - scheduler won't schedule more than maxSkew Pods to those domains. - If value is nil, the constraint behaves as if MinDomains is equal to 1. + + As a result, when the number of eligible domains + is less than minDomains, + + scheduler won''t schedule more than maxSkew + Pods to those domains. + + If value is nil, the constraint behaves as + if MinDomains is equal to 1. + Valid values are integers greater than 0. - When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + + When value is not nil, WhenUnsatisfiable must + be DoNotSchedule. - For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + + For example, in a 3-zone cluster, MaxSkew + is set to 2, MinDomains is set to 5 and pods + with the same + labelSelector spread as 2/2/2: + | zone1 | zone2 | zone3 | + | P P | P P | P P | - The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. - In this situation, new pod with the same labelSelector cannot be scheduled, - because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, - it will violate MaxSkew. + The number of domains is less than 5(MinDomains), + so "global minimum" is treated as 0. - This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). + In this situation, new pod with the same labelSelector + cannot be scheduled, + + because computed skew will be 3(3 - 0) if + new Pod is scheduled to any of the three zones, + + it will violate MaxSkew.' format: int32 type: integer nodeAffinityPolicy: - description: |- - NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector - when calculating pod topology spread skew. Options are: - - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + description: 'NodeAffinityPolicy indicates how + we will treat Pod''s nodeAffinity/nodeSelector + + when calculating pod topology spread skew. + Options are: + + - Honor: only nodes matching nodeAffinity/nodeSelector + are included in the calculations. + - Ignore: nodeAffinity/nodeSelector are ignored. + All nodes are included in the calculations. - If this value is nil, the behavior is equivalent to the Honor policy. - This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + + + If this value is nil, the behavior is equivalent + to the Honor policy. + + This is a beta-level feature default enabled + by the NodeInclusionPolicyInPodTopologySpread + feature flag.' type: string nodeTaintsPolicy: - description: |- - NodeTaintsPolicy indicates how we will treat node taints when calculating + description: 'NodeTaintsPolicy indicates how + we will treat node taints when calculating + pod topology spread skew. Options are: - - Honor: nodes without taints, along with tainted nodes for which the incoming pod + + - Honor: nodes without taints, along with + tainted nodes for which the incoming pod + has a toleration, are included. - - Ignore: node taints are ignored. All nodes are included. + + - Ignore: node taints are ignored. All nodes + are included. + - If this value is nil, the behavior is equivalent to the Ignore policy. - This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + If this value is nil, the behavior is equivalent + to the Ignore policy. + + This is a beta-level feature default enabled + by the NodeInclusionPolicyInPodTopologySpread + feature flag.' type: string topologyKey: - description: |- - TopologyKey is the key of node labels. Nodes that have a label with this key - and identical values are considered to be in the same topology. - We consider each as a "bucket", and try to put balanced number + description: 'TopologyKey is the key of node + labels. Nodes that have a label with this + key + + and identical values are considered to be + in the same topology. + + We consider each as a "bucket", + and try to put balanced number + of pods into each bucket. - We define a domain as a particular instance of a topology. - Also, we define an eligible domain as a domain whose nodes meet the requirements of + + We define a domain as a particular instance + of a topology. + + Also, we define an eligible domain as a domain + whose nodes meet the requirements of + nodeAffinityPolicy and nodeTaintsPolicy. - e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. - And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. - It's a required field. - type: string + + e.g. If TopologyKey is "kubernetes.io/hostname", + each Node is a domain of that topology. + + And, if TopologyKey is "topology.kubernetes.io/zone", + each zone is a domain of that topology. + + It''s a required field.' + type: string whenUnsatisfiable: - description: |- - WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy - the spread constraint. - - DoNotSchedule (default) tells the scheduler not to schedule it. - - ScheduleAnyway tells the scheduler to schedule the pod in any location, - but giving higher precedence to topologies that would help reduce the - skew. - A constraint is considered "Unsatisfiable" for an incoming pod - if and only if every possible node assignment for that pod would violate - "MaxSkew" on some topology. - For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same - labelSelector spread as 3/1/1: - | zone1 | zone2 | zone3 | - | P P P | P | P | - If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled - to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies - MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler - won't make it *more* imbalanced. - It's a required field. + description: "WhenUnsatisfiable indicates how\ + \ to deal with a pod if it doesn't satisfy\n\ + the spread constraint.\n- DoNotSchedule (default)\ + \ tells the scheduler not to schedule it.\n\ + - ScheduleAnyway tells the scheduler to schedule\ + \ the pod in any location,\n but giving higher\ + \ precedence to topologies that would help\ + \ reduce the\n skew.\nA constraint is considered\ + \ \"Unsatisfiable\" for an incoming pod\n\ + if and only if every possible node assignment\ + \ for that pod would violate\n\"MaxSkew\"\ + \ on some topology.\nFor example, in a 3-zone\ + \ cluster, MaxSkew is set to 1, and pods with\ + \ the same\nlabelSelector spread as 3/1/1:\n\ + | zone1 | zone2 | zone3 |\n| P P P | P \ + \ | P |\nIf WhenUnsatisfiable is set\ + \ to DoNotSchedule, incoming pod can only\ + \ be scheduled\nto zone2(zone3) to become\ + \ 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3)\ + \ satisfies\nMaxSkew(1). In other words, the\ + \ cluster can still be imbalanced, but scheduler\n\ + won't make it *more* imbalanced.\nIt's a required\ + \ field." type: string required: - maxSkew @@ -15826,45 +22108,66 @@ spec: - whenUnsatisfiable x-kubernetes-list-type: map volumes: - description: |- - List of volumes that can be mounted by containers belonging to the pod. - More info: https://kubernetes.io/docs/concepts/storage/volumes + description: 'List of volumes that can be mounted + by containers belonging to the pod. + + More info: https://kubernetes.io/docs/concepts/storage/volumes' items: description: Volume represents a named volume in a pod that may be accessed by any container in the pod. properties: awsElasticBlockStore: - description: |- - awsElasticBlockStore represents an AWS Disk resource that is attached to a - kubelet's host machine and then exposed to the pod. - More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + description: 'awsElasticBlockStore represents + an AWS Disk resource that is attached to a + + kubelet''s host machine and then exposed to + the pod. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: fsType: - description: |- - fsType is the filesystem type of the volume that you want to mount. - Tip: Ensure that the filesystem type is supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + description: 'fsType is the filesystem type + of the volume that you want to mount. + + Tip: Ensure that the filesystem type is + supported by the host operating system. + + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem from compromising the machine + + TODO: how do we prevent errors in the + filesystem from compromising the machine' type: string partition: - description: |- - partition is the partition in the volume that you want to mount. - If omitted, the default is to mount by volume name. - Examples: For volume /dev/sda1, you specify the partition as "1". - Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + description: 'partition is the partition + in the volume that you want to mount. + + If omitted, the default is to mount by + volume name. + + Examples: For volume /dev/sda1, you specify + the partition as "1". + + Similarly, the volume partition for /dev/sda + is "0" (or you can leave the property + empty).' format: int32 type: integer readOnly: - description: |- - readOnly value true will force the readOnly setting in VolumeMounts. - More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + description: 'readOnly value true will force + the readOnly setting in VolumeMounts. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: boolean volumeID: - description: |- - volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). - More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + description: 'volumeID is unique ID of the + persistent disk resource in AWS (Amazon + EBS volume). + + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string required: - volumeID @@ -15887,10 +22190,14 @@ spec: disk in the blob storage type: string fsType: - description: |- - fsType is Filesystem type to mount. - Must be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + description: 'fsType is Filesystem type + to mount. + + Must be a filesystem type supported by + the host operating system. + + Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified.' type: string kind: description: 'kind expected values are Shared: @@ -15900,9 +22207,10 @@ spec: availability set). defaults to shared' type: string readOnly: - description: |- - readOnly Defaults to false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. + description: 'readOnly Defaults to false + (read/write). ReadOnly here will force + + the ReadOnly setting in VolumeMounts.' type: boolean required: - diskName @@ -15914,9 +22222,10 @@ spec: the pod. properties: readOnly: - description: |- - readOnly defaults to false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. + description: 'readOnly defaults to false + (read/write). ReadOnly here will force + + the ReadOnly setting in VolumeMounts.' type: boolean secretName: description: secretName is the name of @@ -15936,84 +22245,109 @@ spec: on the host that shares a pod's lifetime properties: monitors: - description: |- - monitors is Required: Monitors is a collection of Ceph monitors - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + description: 'monitors is Required: Monitors + is a collection of Ceph monitors + + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array + x-kubernetes-list-type: atomic path: description: 'path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /' type: string readOnly: - description: |- - readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + description: 'readOnly is Optional: Defaults + to false (read/write). ReadOnly here will + force + the ReadOnly setting in VolumeMounts. - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: boolean secretFile: - description: |- - secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + description: 'secretFile is Optional: SecretFile + is the path to key ring for User, default + is /etc/ceph/user.secret + + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string secretRef: - description: |- - secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + description: 'secretRef is Optional: SecretRef + is reference to the authentication secret + for User, default is empty. + + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' properties: name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, + kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: |- - user is optional: User is the rados user name, default is admin - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + description: 'user is optional: User is + the rados user name, default is admin + + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string required: - monitors type: object cinder: - description: |- - cinder represents a cinder volume attached and mounted on kubelets host machine. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md + description: 'cinder represents a cinder volume + attached and mounted on kubelets host machine. + + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' properties: fsType: - description: |- - fsType is the filesystem type to mount. - Must be a filesystem type supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md + description: 'fsType is the filesystem type + to mount. + + Must be a filesystem type supported by + the host operating system. + + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string readOnly: - description: |- - readOnly defaults to false (read/write). ReadOnly here will force + description: 'readOnly defaults to false + (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md + + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: boolean secretRef: - description: |- - secretRef is optional: points to a secret object containing parameters used to connect - to OpenStack. + description: 'secretRef is optional: points + to a secret object containing parameters + used to connect + + to OpenStack.' properties: name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, + kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeID: - description: |- - volumeID used to identify the volume in cinder. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md + description: 'volumeID used to identify + the volume in cinder. + + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string required: - volumeID @@ -16023,25 +22357,52 @@ spec: that should populate this volume properties: defaultMode: - description: |- - defaultMode is optional: mode bits used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + description: 'defaultMode is optional: mode + bits used to set permissions on created + files by default. + + Must be an octal value between 0000 and + 0777 or a decimal value between 0 and + 511. + + YAML accepts both octal and decimal values, + JSON requires decimal values for mode + bits. + Defaults to 0644. - Directories within the path are not affected by this setting. - This might be in conflict with other options that affect the file - mode, like fsGroup, and the result can be other mode bits set. + + Directories within the path are not affected + by this setting. + + This might be in conflict with other options + that affect the file + + mode, like fsGroup, and the result can + be other mode bits set.' format: int32 type: integer items: - description: |- - items if unspecified, each key-value pair in the Data field of the referenced - ConfigMap will be projected into the volume as a file whose name is the - key and content is the value. If specified, the listed keys will be - projected into the specified paths, and unlisted keys will not be - present. If a key is specified which is not present in the ConfigMap, - the volume setup will error unless it is marked optional. Paths must be - relative and may not contain the '..' path or start with '..'. + description: 'items if unspecified, each + key-value pair in the Data field of the + referenced + + ConfigMap will be projected into the volume + as a file whose name is the + + key and content is the value. If specified, + the listed keys will be + + projected into the specified paths, and + unlisted keys will not be + + present. If a key is specified which is + not present in the ConfigMap, + + the volume setup will error unless it + is marked optional. Paths must be + + relative and may not contain the ''..'' + path or start with ''..''.' items: description: Maps a string key to a path within a volume. @@ -16050,32 +22411,53 @@ spec: description: key is the key to project. type: string mode: - description: |- - mode is Optional: mode bits used to set permissions on this file. - Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - If not specified, the volume defaultMode will be used. - This might be in conflict with other options that affect the file - mode, like fsGroup, and the result can be other mode bits set. + description: 'mode is Optional: mode + bits used to set permissions on + this file. + + Must be an octal value between 0000 + and 0777 or a decimal value between + 0 and 511. + + YAML accepts both octal and decimal + values, JSON requires decimal values + for mode bits. + + If not specified, the volume defaultMode + will be used. + + This might be in conflict with other + options that affect the file + + mode, like fsGroup, and the result + can be other mode bits set.' format: int32 type: integer path: - description: |- - path is the relative path of the file to map the key to. + description: 'path is the relative + path of the file to map the key + to. + May not be an absolute path. - May not contain the path element '..'. - May not start with the string '..'. + + May not contain the path element + ''..''. + + May not start with the string ''..''.' type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, + kind, uid?' type: string optional: description: optional specify whether the @@ -16089,43 +22471,62 @@ spec: by certain external CSI drivers (Beta feature). properties: driver: - description: |- - driver is the name of the CSI driver that handles this volume. - Consult with your admin for the correct name as registered in the cluster. + description: 'driver is the name of the + CSI driver that handles this volume. + + Consult with your admin for the correct + name as registered in the cluster.' type: string fsType: - description: |- - fsType to mount. Ex. "ext4", "xfs", "ntfs". - If not provided, the empty value is passed to the associated CSI driver - which will determine the default filesystem to apply. + description: 'fsType to mount. Ex. "ext4", + "xfs", "ntfs". + + If not provided, the empty value is passed + to the associated CSI driver + + which will determine the default filesystem + to apply.' type: string nodePublishSecretRef: - description: |- - nodePublishSecretRef is a reference to the secret object containing - sensitive information to pass to the CSI driver to complete the CSI - NodePublishVolume and NodeUnpublishVolume calls. - This field is optional, and may be empty if no secret is required. If the - secret object contains more than one secret, all secret references are passed. + description: 'nodePublishSecretRef is a + reference to the secret object containing + + sensitive information to pass to the CSI + driver to complete the CSI + + NodePublishVolume and NodeUnpublishVolume + calls. + + This field is optional, and may be empty + if no secret is required. If the + + secret object contains more than one secret, + all secret references are passed.' properties: name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, + kind, uid?' type: string type: object x-kubernetes-map-type: atomic readOnly: - description: |- - readOnly specifies a read-only configuration for the volume. - Defaults to false (read/write). + description: 'readOnly specifies a read-only + configuration for the volume. + + Defaults to false (read/write).' type: boolean volumeAttributes: additionalProperties: type: string - description: |- - volumeAttributes stores driver-specific properties that are passed to the CSI - driver. Consult your driver's documentation for supported values. + description: 'volumeAttributes stores driver-specific + properties that are passed to the CSI + + driver. Consult your driver''s documentation + for supported values.' type: object required: - driver @@ -16136,15 +22537,30 @@ spec: volume properties: defaultMode: - description: |- - Optional: mode bits to use on created files by default. Must be a - Optional: mode bits used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + description: 'Optional: mode bits to use + on created files by default. Must be a + + Optional: mode bits used to set permissions + on created files by default. + + Must be an octal value between 0000 and + 0777 or a decimal value between 0 and + 511. + + YAML accepts both octal and decimal values, + JSON requires decimal values for mode + bits. + Defaults to 0644. - Directories within the path are not affected by this setting. - This might be in conflict with other options that affect the file - mode, like fsGroup, and the result can be other mode bits set. + + Directories within the path are not affected + by this setting. + + This might be in conflict with other options + that affect the file + + mode, like fsGroup, and the result can + be other mode bits set.' format: int32 type: integer items: @@ -16158,7 +22574,8 @@ spec: fieldRef: description: 'Required: Selects a field of the pod: only annotations, - labels, name and namespace are supported.' + labels, name, namespace and uid + are supported.' properties: apiVersion: description: Version of the schema @@ -16175,13 +22592,25 @@ spec: type: object x-kubernetes-map-type: atomic mode: - description: |- - Optional: mode bits used to set permissions on this file, must be an octal value - between 0000 and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - If not specified, the volume defaultMode will be used. - This might be in conflict with other options that affect the file - mode, like fsGroup, and the result can be other mode bits set. + description: 'Optional: mode bits + used to set permissions on this + file, must be an octal value + + between 0000 and 0777 or a decimal + value between 0 and 511. + + YAML accepts both octal and decimal + values, JSON requires decimal values + for mode bits. + + If not specified, the volume defaultMode + will be used. + + This might be in conflict with other + options that affect the file + + mode, like fsGroup, and the result + can be other mode bits set.' format: int32 type: integer path: @@ -16194,9 +22623,13 @@ spec: with ''..''' type: string resourceFieldRef: - description: |- - Selects a resource of the container: only resources limits and requests - (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + description: 'Selects a resource of + the container: only resources limits + and requests + + (limits.cpu, limits.memory, requests.cpu + and requests.memory) are currently + supported.' properties: containerName: description: 'Container name: @@ -16224,96 +22657,143 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic type: object emptyDir: - description: |- - emptyDir represents a temporary directory that shares a pod's lifetime. - More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + description: 'emptyDir represents a temporary + directory that shares a pod''s lifetime. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' properties: medium: - description: |- - medium represents what type of storage medium should back this directory. - The default is "" which means to use the node's default medium. + description: 'medium represents what type + of storage medium should back this directory. + + The default is "" which means to use the + node''s default medium. + Must be an empty string (default) or Memory. - More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string sizeLimit: anyOf: - type: integer - type: string - description: |- - sizeLimit is the total amount of local storage required for this EmptyDir volume. - The size limit is also applicable for memory medium. - The maximum usage on memory medium EmptyDir would be the minimum value between - the SizeLimit specified here and the sum of memory limits of all containers in a pod. - The default is nil which means that the limit is undefined. - More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + description: 'sizeLimit is the total amount + of local storage required for this EmptyDir + volume. + + The size limit is also applicable for + memory medium. + + The maximum usage on memory medium EmptyDir + would be the minimum value between + + the SizeLimit specified here and the sum + of memory limits of all containers in + a pod. + + The default is nil which means that the + limit is undefined. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true type: object ephemeral: - description: |- - ephemeral represents a volume that is handled by a cluster storage driver. - The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, - and deleted when the pod is removed. + description: "ephemeral represents a volume\ + \ that is handled by a cluster storage driver.\n\ + The volume's lifecycle is tied to the pod\ + \ that defines it - it will be created before\ + \ the pod starts,\nand deleted when the pod\ + \ is removed.\n\n\nUse this if:\na) the volume\ + \ is only needed while the pod runs,\nb) features\ + \ of normal volumes like restoring from snapshot\ + \ or capacity\n tracking are needed,\nc)\ + \ the storage driver is specified through\ + \ a storage class, and\nd) the storage driver\ + \ supports dynamic volume provisioning through\n\ + \ a PersistentVolumeClaim (see EphemeralVolumeSource\ + \ for more\n information on the connection\ + \ between this volume type\n and PersistentVolumeClaim).\n\ + \n\nUse PersistentVolumeClaim or one of the\ + \ vendor-specific\nAPIs for volumes that persist\ + \ for longer than the lifecycle\nof an individual\ + \ pod.\n\n\nUse CSI for light-weight local\ + \ ephemeral volumes if the CSI driver is meant\ + \ to\nbe used that way - see the documentation\ + \ of the driver for\nmore information.\n\n\ + \nA pod can use both types of ephemeral volumes\ + \ and\npersistent volumes at the same time." + properties: + volumeClaimTemplate: + description: 'Will be used to create a stand-alone + PVC to provision the volume. + The pod in which this EphemeralVolumeSource + is embedded will be the - Use this if: - a) the volume is only needed while the pod runs, - b) features of normal volumes like restoring from snapshot or capacity - tracking are needed, - c) the storage driver is specified through a storage class, and - d) the storage driver supports dynamic volume provisioning through - a PersistentVolumeClaim (see EphemeralVolumeSource for more - information on the connection between this volume type - and PersistentVolumeClaim). + owner of the PVC, i.e. the PVC will be + deleted together with the + pod. The name of the PVC will be `-` where - Use PersistentVolumeClaim or one of the vendor-specific - APIs for volumes that persist for longer than the lifecycle - of an individual pod. + `` is the name from the `PodSpec.Volumes` + array + entry. Pod validation will reject the + pod if the concatenated name - Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to - be used that way - see the documentation of the driver for - more information. + is not valid for a PVC (for example, too + long). - A pod can use both types of ephemeral volumes and - persistent volumes at the same time. - properties: - volumeClaimTemplate: - description: |- - Will be used to create a stand-alone PVC to provision the volume. - The pod in which this EphemeralVolumeSource is embedded will be the - owner of the PVC, i.e. the PVC will be deleted together with the - pod. The name of the PVC will be `-` where - `` is the name from the `PodSpec.Volumes` array - entry. Pod validation will reject the pod if the concatenated name - is not valid for a PVC (for example, too long). - - - An existing PVC with that name that is not owned by the pod - will *not* be used for the pod to avoid using an unrelated - volume by mistake. Starting the pod is then blocked until - the unrelated PVC is removed. If such a pre-created PVC is - meant to be used by the pod, the PVC has to updated with an - owner reference to the pod once the pod exists. Normally - this should not be necessary, but it may be useful when + + An existing PVC with that name that is + not owned by the pod + + will *not* be used for the pod to avoid + using an unrelated + + volume by mistake. Starting the pod is + then blocked until + + the unrelated PVC is removed. If such + a pre-created PVC is + + meant to be used by the pod, the PVC has + to updated with an + + owner reference to the pod once the pod + exists. Normally + + this should not be necessary, but it may + be useful when + manually reconstructing a broken cluster. - This field is read-only and no changes will be made by Kubernetes + + This field is read-only and no changes + will be made by Kubernetes + to the PVC after it has been created. - Required, must not be nil. + + Required, must not be nil.' properties: metadata: - description: |- - May contain labels and annotations that will be copied into the PVC - when creating it. No other fields are allowed and will be rejected during - validation. + description: 'May contain labels and + annotations that will be copied into + the PVC + + when creating it. No other fields + are allowed and will be rejected during + + validation.' properties: annotations: additionalProperties: @@ -16333,35 +22813,68 @@ spec: type: string type: object spec: - description: |- - The specification for the PersistentVolumeClaim. The entire content is - copied unchanged into the PVC that gets created from this - template. The same fields as in a PersistentVolumeClaim - are also valid here. + description: 'The specification for + the PersistentVolumeClaim. The entire + content is + + copied unchanged into the PVC that + gets created from this + + template. The same fields as in a + PersistentVolumeClaim + + are also valid here.' properties: accessModes: - description: |- - accessModes contains the desired access modes the volume should have. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + description: 'accessModes contains + the desired access modes the volume + should have. + + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array + x-kubernetes-list-type: atomic dataSource: - description: |- - dataSource field can be used to specify either: - * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + description: 'dataSource field can + be used to specify either: + + * An existing VolumeSnapshot object + (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller can support the specified data source, - it will create a new volume based on the contents of the specified data source. - When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, - and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. - If the namespace is specified, then dataSourceRef will not be copied to dataSource. + + If the provisioner or an external + controller can support the specified + data source, + + it will create a new volume based + on the contents of the specified + data source. + + When the AnyVolumeDataSource feature + gate is enabled, dataSource contents + will be copied to dataSourceRef, + + and dataSourceRef contents will + be copied to dataSource when dataSourceRef.namespace + is not specified. + + If the namespace is specified, + then dataSourceRef will not be + copied to dataSource.' properties: apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. + description: 'APIGroup is the + group for the resource being + referenced. + + If APIGroup is not specified, + the specified Kind must be + in the core API group. + + For any other third-party + types, APIGroup is required.' type: string kind: description: Kind is the type @@ -16377,36 +22890,66 @@ spec: type: object x-kubernetes-map-type: atomic dataSourceRef: - description: |- - dataSourceRef specifies the object from which to populate the volume with data, if a non-empty - volume is desired. This may be any object from a non-empty API group (non - core object) or a PersistentVolumeClaim object. - When this field is specified, volume binding will only succeed if the type of - the specified object matches some installed volume populator or dynamic - provisioner. - This field will replace the functionality of the dataSource field and as such - if both fields are non-empty, they must have the same value. For backwards - compatibility, when namespace isn't specified in dataSourceRef, - both fields (dataSource and dataSourceRef) will be set to the same - value automatically if one of them is empty and the other is non-empty. - When namespace is specified in dataSourceRef, - dataSource isn't set to the same value and must be empty. - There are three important differences between dataSource and dataSourceRef: - * While dataSource only allows two specific types of objects, dataSourceRef - allows any non-core object, as well as PersistentVolumeClaim objects. - * While dataSource ignores disallowed values (dropping them), dataSourceRef - preserves all values, and generates an error if a disallowed value is - specified. - * While dataSource only allows local objects, dataSourceRef allows objects - in any namespaces. - (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. - (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + description: "dataSourceRef specifies\ + \ the object from which to populate\ + \ the volume with data, if a non-empty\n\ + volume is desired. This may be\ + \ any object from a non-empty\ + \ API group (non\ncore object)\ + \ or a PersistentVolumeClaim object.\n\ + When this field is specified,\ + \ volume binding will only succeed\ + \ if the type of\nthe specified\ + \ object matches some installed\ + \ volume populator or dynamic\n\ + provisioner.\nThis field will\ + \ replace the functionality of\ + \ the dataSource field and as\ + \ such\nif both fields are non-empty,\ + \ they must have the same value.\ + \ For backwards\ncompatibility,\ + \ when namespace isn't specified\ + \ in dataSourceRef,\nboth fields\ + \ (dataSource and dataSourceRef)\ + \ will be set to the same\nvalue\ + \ automatically if one of them\ + \ is empty and the other is non-empty.\n\ + When namespace is specified in\ + \ dataSourceRef,\ndataSource isn't\ + \ set to the same value and must\ + \ be empty.\nThere are three important\ + \ differences between dataSource\ + \ and dataSourceRef:\n* While\ + \ dataSource only allows two specific\ + \ types of objects, dataSourceRef\n\ + \ allows any non-core object,\ + \ as well as PersistentVolumeClaim\ + \ objects.\n* While dataSource\ + \ ignores disallowed values (dropping\ + \ them), dataSourceRef\n preserves\ + \ all values, and generates an\ + \ error if a disallowed value\ + \ is\n specified.\n* While dataSource\ + \ only allows local objects, dataSourceRef\ + \ allows objects\n in any namespaces.\n\ + (Beta) Using this field requires\ + \ the AnyVolumeDataSource feature\ + \ gate to be enabled.\n(Alpha)\ + \ Using the namespace field of\ + \ dataSourceRef requires the CrossNamespaceVolumeDataSource\ + \ feature gate to be enabled." properties: apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. + description: 'APIGroup is the + group for the resource being + referenced. + + If APIGroup is not specified, + the specified Kind must be + in the core API group. + + For any other third-party + types, APIGroup is required.' type: string kind: description: Kind is the type @@ -16417,22 +22960,43 @@ spec: of resource being referenced type: string namespace: - description: |- - Namespace is the namespace of resource being referenced - Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. - (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + description: 'Namespace is the + namespace of resource being + referenced + + Note that when a namespace + is specified, a gateway.networking.k8s.io/ReferenceGrant + object is required in the + referent namespace to allow + that namespace''s owner to + accept the reference. See + the ReferenceGrant documentation + for details. + + (Alpha) This field requires + the CrossNamespaceVolumeDataSource + feature gate to be enabled.' type: string required: - kind - name type: object resources: - description: |- - resources represents the minimum resources the volume should have. - If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements - that are lower than previous value but must still be higher than capacity recorded in the + description: 'resources represents + the minimum resources the volume + should have. + + If RecoverVolumeExpansionFailure + feature is enabled users are allowed + to specify resource requirements + + that are lower than previous value + but must still be higher than + capacity recorded in the + status field of the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: limits: additionalProperties: @@ -16441,9 +23005,11 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + description: 'Limits describes + the maximum amount of compute + resources allowed. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: @@ -16452,11 +23018,20 @@ spec: - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + description: 'Requests describes + the minimum amount of compute + resources required. + + If Requests is omitted for + a container, it defaults to + Limits if that is explicitly + specified, + + otherwise to an implementation-defined + value. Requests cannot exceed + Limits. + + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object selector: @@ -16470,9 +23045,12 @@ spec: requirements. The requirements are ANDed. items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. + description: 'A label selector + requirement is a selector + that contains values, a + key, and an operator that + + relates the key and values.' properties: key: description: key is the @@ -16480,58 +23058,120 @@ spec: applies to. type: string operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. + description: 'operator + represents a key''s + relationship to a set + of values. + + Valid operators are + In, NotIn, Exists and + DoesNotExist.' type: string values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. + description: 'values is + an array of string values. + If the operator is In + or NotIn, + + the values array must + be non-empty. If the + operator is Exists or + DoesNotExist, + + the values array must + be empty. This array + is replaced during a + strategic + + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. + description: 'matchLabels is + a map of {key,value} pairs. + A single {key,value} in the + matchLabels + + map is equivalent to an element + of matchExpressions, whose + key field is "key", the + + operator is "In", and the + values array contains only + "value". The requirements + are ANDed.' type: object type: object x-kubernetes-map-type: atomic storageClassName: - description: |- - storageClassName is the name of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + description: 'storageClassName is + the name of the StorageClass required + by the claim. + + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string volumeAttributesClassName: - description: |- - volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. - If specified, the CSI driver will create or update the volume with the attributes defined - in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. - If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be - set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + description: 'volumeAttributesClassName + may be used to set the VolumeAttributesClass + used by this claim. + + If specified, the CSI driver will + create or update the volume with + the attributes defined + + in the corresponding VolumeAttributesClass. + This has a different purpose than + storageClassName, + + it can be changed after the claim + is created. An empty string value + means that no VolumeAttributesClass + + will be applied to the claim but + it''s not allowed to reset this + field to empty string once it + is set. + + If unspecified and the PersistentVolumeClaim + is unbound, the default VolumeAttributesClass + + will be set by the persistentvolume + controller if it exists. + + If the resource referred to by + volumeAttributesClass does not + exist, this PersistentVolumeClaim + will be + + set to a Pending state, as reflected + by the modifyVolumeStatus field, + until such as a resource + exists. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass - (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + + (Alpha) Using this field requires + the VolumeAttributesClass feature + gate to be enabled.' type: string volumeMode: - description: |- - volumeMode defines what type of volume is required by the claim. - Value of Filesystem is implied when not included in claim spec. + description: 'volumeMode defines + what type of volume is required + by the claim. + + Value of Filesystem is implied + when not included in claim spec.' type: string volumeName: description: volumeName is the binding @@ -16549,11 +23189,17 @@ spec: and then exposed to the pod. properties: fsType: - description: |- - fsType is the filesystem type to mount. - Must be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - TODO: how do we prevent errors in the filesystem from compromising the machine + description: 'fsType is the filesystem type + to mount. + + Must be a filesystem type supported by + the host operating system. + + Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + + TODO: how do we prevent errors in the + filesystem from compromising the machine' type: string lun: description: 'lun is Optional: FC target @@ -16561,9 +23207,11 @@ spec: format: int32 type: integer readOnly: - description: |- - readOnly is Optional: Defaults to false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. + description: 'readOnly is Optional: Defaults + to false (read/write). ReadOnly here will + force + + the ReadOnly setting in VolumeMounts.' type: boolean targetWWNs: description: 'targetWWNs is Optional: FC @@ -16571,28 +23219,37 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic wwids: - description: |- - wwids Optional: FC volume world wide identifiers (wwids) - Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. + description: 'wwids Optional: FC volume + world wide identifiers (wwids) + + Either wwids or combination of targetWWNs + and lun must be set, but not both simultaneously.' items: type: string type: array + x-kubernetes-list-type: atomic type: object flexVolume: - description: |- - flexVolume represents a generic volume resource that is - provisioned/attached using an exec based plugin. + description: 'flexVolume represents a generic + volume resource that is + + provisioned/attached using an exec based plugin.' properties: driver: description: driver is the name of the driver to use for this volume. type: string fsType: - description: |- - fsType is the filesystem type to mount. - Must be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. + description: 'fsType is the filesystem type + to mount. + + Must be a filesystem type supported by + the host operating system. + + Ex. "ext4", "xfs", "ntfs". The default + filesystem depends on FlexVolume script.' type: string options: additionalProperties: @@ -16601,23 +23258,34 @@ spec: field holds extra command options if any.' type: object readOnly: - description: |- - readOnly is Optional: defaults to false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. + description: 'readOnly is Optional: defaults + to false (read/write). ReadOnly here will + force + + the ReadOnly setting in VolumeMounts.' type: boolean secretRef: - description: |- - secretRef is Optional: secretRef is reference to the secret object containing - sensitive information to pass to the plugin scripts. This may be - empty if no secret object is specified. If the secret object - contains more than one secret, all secrets are passed to the plugin - scripts. + description: 'secretRef is Optional: secretRef + is reference to the secret object containing + + sensitive information to pass to the plugin + scripts. This may be + + empty if no secret object is specified. + If the secret object + + contains more than one secret, all secrets + are passed to the plugin + + scripts.' properties: name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, + kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -16631,9 +23299,11 @@ spec: running properties: datasetName: - description: |- - datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker - should be considered as deprecated + description: 'datasetName is Name of the + dataset stored as metadata -> name on + the dataset for Flocker + + should be considered as deprecated' type: string datasetUUID: description: datasetUUID is the UUID of @@ -16642,55 +23312,89 @@ spec: type: string type: object gcePersistentDisk: - description: |- - gcePersistentDisk represents a GCE Disk resource that is attached to a - kubelet's host machine and then exposed to the pod. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + description: 'gcePersistentDisk represents a + GCE Disk resource that is attached to a + + kubelet''s host machine and then exposed to + the pod. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' properties: fsType: - description: |- - fsType is filesystem type of the volume that you want to mount. - Tip: Ensure that the filesystem type is supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + description: 'fsType is filesystem type + of the volume that you want to mount. + + Tip: Ensure that the filesystem type is + supported by the host operating system. + + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem from compromising the machine + + TODO: how do we prevent errors in the + filesystem from compromising the machine' type: string partition: - description: |- - partition is the partition in the volume that you want to mount. - If omitted, the default is to mount by volume name. - Examples: For volume /dev/sda1, you specify the partition as "1". - Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + description: 'partition is the partition + in the volume that you want to mount. + + If omitted, the default is to mount by + volume name. + + Examples: For volume /dev/sda1, you specify + the partition as "1". + + Similarly, the volume partition for /dev/sda + is "0" (or you can leave the property + empty). + + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' format: int32 type: integer pdName: - description: |- - pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + description: 'pdName is unique name of the + PD resource in GCE. Used to identify the + disk in GCE. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string readOnly: - description: |- - readOnly here will force the ReadOnly setting in VolumeMounts. + description: 'readOnly here will force the + ReadOnly setting in VolumeMounts. + Defaults to false. - More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: boolean required: - pdName type: object gitRepo: - description: |- - gitRepo represents a git repository at a particular revision. - DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an - EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir - into the Pod's container. + description: 'gitRepo represents a git repository + at a particular revision. + + DEPRECATED: GitRepo is deprecated. To provision + a container with a git repo, mount an + + EmptyDir into an InitContainer that clones + the repo using git, then mount the EmptyDir + + into the Pod''s container.' properties: directory: - description: |- - directory is the target directory name. - Must not contain or start with '..'. If '.' is supplied, the volume directory will be the - git repository. Otherwise, if specified, the volume will contain the git repository in - the subdirectory with the given name. + description: 'directory is the target directory + name. + + Must not contain or start with ''..''. If + ''.'' is supplied, the volume directory + will be the + + git repository. Otherwise, if specified, + the volume will contain the git repository + in + + the subdirectory with the given name.' type: string repository: description: repository is the URL @@ -16703,61 +23407,86 @@ spec: - repository type: object glusterfs: - description: |- - glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. - More info: https://examples.k8s.io/volumes/glusterfs/README.md + description: 'glusterfs represents a Glusterfs + mount on the host that shares a pod''s lifetime. + + More info: https://examples.k8s.io/volumes/glusterfs/README.md' properties: endpoints: - description: |- - endpoints is the endpoint name that details Glusterfs topology. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + description: 'endpoints is the endpoint + name that details Glusterfs topology. + + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string path: - description: |- - path is the Glusterfs volume path. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + description: 'path is the Glusterfs volume + path. + + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: string readOnly: - description: |- - readOnly here will force the Glusterfs volume to be mounted with read-only permissions. + description: 'readOnly here will force the + Glusterfs volume to be mounted with read-only + permissions. + Defaults to false. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' type: boolean required: - endpoints - path type: object hostPath: - description: |- - hostPath represents a pre-existing file or directory on the host - machine that is directly exposed to the container. This is generally - used for system agents or other privileged things that are allowed - to see the host machine. Most containers will NOT need this. + description: 'hostPath represents a pre-existing + file or directory on the host + + machine that is directly exposed to the container. + This is generally + + used for system agents or other privileged + things that are allowed + + to see the host machine. Most containers will + NOT need this. + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- - TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not - mount host directories as read/write. + + TODO(jonesdl) We need to restrict who can + use host directory mounts and who can/can + not + + mount host directories as read/write.' properties: path: - description: |- - path of the directory on the host. - If the path is a symlink, it will follow the link to the real path. - More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + description: 'path of the directory on the + host. + + If the path is a symlink, it will follow + the link to the real path. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string type: - description: |- - type for HostPath Volume + description: 'type for HostPath Volume + Defaults to "" - More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' type: string required: - path type: object iscsi: - description: |- - iscsi represents an ISCSI Disk resource that is attached to a - kubelet's host machine and then exposed to the pod. - More info: https://examples.k8s.io/volumes/iscsi/README.md + description: 'iscsi represents an ISCSI Disk + resource that is attached to a + + kubelet''s host machine and then exposed to + the pod. + + More info: https://examples.k8s.io/volumes/iscsi/README.md' properties: chapAuthDiscovery: description: chapAuthDiscovery defines whether @@ -16768,27 +23497,39 @@ spec: support iSCSI Session CHAP authentication type: boolean fsType: - description: |- - fsType is the filesystem type of the volume that you want to mount. - Tip: Ensure that the filesystem type is supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + description: 'fsType is the filesystem type + of the volume that you want to mount. + + Tip: Ensure that the filesystem type is + supported by the host operating system. + + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem from compromising the machine + + TODO: how do we prevent errors in the + filesystem from compromising the machine' type: string initiatorName: - description: |- - initiatorName is the custom iSCSI Initiator Name. - If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface - : will be created for the connection. + description: 'initiatorName is the custom + iSCSI Initiator Name. + + If initiatorName is specified with iscsiInterface + simultaneously, new iSCSI interface + + : will be + created for the connection.' type: string iqn: description: iqn is the target iSCSI Qualified Name. type: string iscsiInterface: - description: |- - iscsiInterface is the interface Name that uses an iSCSI transport. - Defaults to 'default' (tcp). + description: 'iscsiInterface is the interface + Name that uses an iSCSI transport. + + Defaults to ''default'' (tcp).' type: string lun: description: lun represents iSCSI Target @@ -16796,33 +23537,43 @@ spec: format: int32 type: integer portals: - description: |- - portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port - is other than default (typically TCP ports 860 and 3260). + description: 'portals is the iSCSI Target + Portal List. The portal is either an IP + or ip_addr:port if the port + + is other than default (typically TCP ports + 860 and 3260).' items: type: string type: array + x-kubernetes-list-type: atomic readOnly: - description: |- - readOnly here will force the ReadOnly setting in VolumeMounts. - Defaults to false. + description: 'readOnly here will force the + ReadOnly setting in VolumeMounts. + + Defaults to false.' type: boolean secretRef: description: secretRef is the CHAP Secret for iSCSI target and initiator authentication properties: name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, + kind, uid?' type: string type: object x-kubernetes-map-type: atomic targetPortal: - description: |- - targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port - is other than default (typically TCP ports 860 and 3260). + description: 'targetPortal is iSCSI Target + Portal. The Portal is either an IP or + ip_addr:port if the port + + is other than default (typically TCP ports + 860 and 3260).' type: string required: - iqn @@ -16830,51 +23581,64 @@ spec: - targetPortal type: object name: - description: |- - name of the volume. - Must be a DNS_LABEL and unique within the pod. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + description: 'name of the volume. + + Must be a DNS_LABEL and unique within the + pod. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string nfs: - description: |- - nfs represents an NFS mount on the host that shares a pod's lifetime - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + description: 'nfs represents an NFS mount on + the host that shares a pod''s lifetime + + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' properties: path: - description: |- - path that is exported by the NFS server. - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + description: 'path that is exported by the + NFS server. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string readOnly: - description: |- - readOnly here will force the NFS export to be mounted with read-only permissions. + description: 'readOnly here will force the + NFS export to be mounted with read-only + permissions. + Defaults to false. - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: boolean server: - description: |- - server is the hostname or IP address of the NFS server. - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + description: 'server is the hostname or + IP address of the NFS server. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' type: string required: - path - server type: object persistentVolumeClaim: - description: |- - persistentVolumeClaimVolumeSource represents a reference to a + description: 'persistentVolumeClaimVolumeSource + represents a reference to a + PersistentVolumeClaim in the same namespace. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: claimName: - description: |- - claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + description: 'claimName is the name of a + PersistentVolumeClaim in the same namespace + as the pod using this volume. + + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' type: string readOnly: - description: |- - readOnly Will force the ReadOnly setting in VolumeMounts. - Default false. + description: 'readOnly Will force the ReadOnly + setting in VolumeMounts. + + Default false.' type: boolean required: - claimName @@ -16885,10 +23649,14 @@ spec: and mounted on kubelets host machine properties: fsType: - description: |- - fsType is the filesystem type to mount. - Must be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + description: 'fsType is the filesystem type + to mount. + + Must be a filesystem type supported by + the host operating system. + + Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified.' type: string pdID: description: pdID is the ID that identifies @@ -16903,15 +23671,20 @@ spec: machine properties: fsType: - description: |- - fSType represents the filesystem type to mount - Must be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. + description: 'fSType represents the filesystem + type to mount + + Must be a filesystem type supported by + the host operating system. + + Ex. "ext4", "xfs". Implicitly inferred + to be "ext4" if unspecified.' type: string readOnly: - description: |- - readOnly defaults to false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. + description: 'readOnly defaults to false + (read/write). ReadOnly here will force + + the ReadOnly setting in VolumeMounts.' type: boolean volumeID: description: volumeID uniquely identifies @@ -16926,13 +23699,26 @@ spec: API properties: defaultMode: - description: |- - defaultMode are the mode bits used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - Directories within the path are not affected by this setting. - This might be in conflict with other options that affect the file - mode, like fsGroup, and the result can be other mode bits set. + description: 'defaultMode are the mode bits + used to set permissions on created files + by default. + + Must be an octal value between 0000 and + 0777 or a decimal value between 0 and + 511. + + YAML accepts both octal and decimal values, + JSON requires decimal values for mode + bits. + + Directories within the path are not affected + by this setting. + + This might be in conflict with other options + that affect the file + + mode, like fsGroup, and the result can + be other mode bits set.' format: int32 type: integer sources: @@ -16943,40 +23729,69 @@ spec: along with other supported volume types properties: clusterTrustBundle: - description: |- - ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field - of ClusterTrustBundle objects in an auto-updating file. + description: 'ClusterTrustBundle allows + a pod to access the `.spec.trustBundle` + field + of ClusterTrustBundle objects in + an auto-updating file. - Alpha, gated by the ClusterTrustBundleProjection feature gate. - ClusterTrustBundle objects can either be selected by name, or by the - combination of signer name and a label selector. + Alpha, gated by the ClusterTrustBundleProjection + feature gate. - Kubelet performs aggressive normalization of the PEM contents written - into the pod filesystem. Esoteric PEM features such as inter-block - comments and block headers are stripped. Certificates are deduplicated. - The ordering of certificates within the file is arbitrary, and Kubelet - may change the order over time. - properties: - labelSelector: - description: |- - Select all ClusterTrustBundles that match this label selector. Only has - effect if signerName is set. Mutually-exclusive with name. If unset, - interpreted as "match nothing". If set but empty, interpreted as "match - everything". - properties: - matchExpressions: + + ClusterTrustBundle objects can either + be selected by name, or by the + + combination of signer name and a + label selector. + + + + Kubelet performs aggressive normalization + of the PEM contents written + + into the pod filesystem. Esoteric + PEM features such as inter-block + + comments and block headers are stripped. Certificates + are deduplicated. + + The ordering of certificates within + the file is arbitrary, and Kubelet + + may change the order over time.' + properties: + labelSelector: + description: 'Select all ClusterTrustBundles + that match this label selector. Only + has + + effect if signerName is set. Mutually-exclusive + with name. If unset, + + interpreted as "match nothing". If + set but empty, interpreted as + "match + + everything".' + properties: + matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. + description: 'A label selector + requirement is a selector + that contains values, + a key, and an operator + that + + relates the key and values.' properties: key: description: key is @@ -16985,46 +23800,86 @@ spec: to. type: string operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. + description: 'operator + represents a key''s + relationship to a + set of values. + + Valid operators are + In, NotIn, Exists + and DoesNotExist.' type: string values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. + description: 'values + is an array of string + values. If the operator + is In or NotIn, + + the values array must + be non-empty. If the + operator is Exists + or DoesNotExist, + + the values array must + be empty. This array + is replaced during + a strategic + + merge patch.' items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. + description: 'matchLabels + is a map of {key,value} + pairs. A single {key,value} + in the matchLabels + + map is equivalent to an + element of matchExpressions, + whose key field is "key", + the + + operator is "In", and the + values array contains only + "value". The requirements + are ANDed.' type: object type: object x-kubernetes-map-type: atomic name: - description: |- - Select a single ClusterTrustBundle by object name. Mutually-exclusive - with signerName and labelSelector. + description: 'Select a single + ClusterTrustBundle by object + name. Mutually-exclusive + + with signerName and labelSelector.' type: string optional: - description: |- - If true, don't block pod startup if the referenced ClusterTrustBundle(s) - aren't available. If using name, then the named ClusterTrustBundle is - allowed not to exist. If using signerName, then the combination of - signerName and labelSelector is allowed to match zero - ClusterTrustBundles. + description: 'If true, don''t + block pod startup if the referenced + ClusterTrustBundle(s) + + aren''t available. If using + name, then the named ClusterTrustBundle + is + + allowed not to exist. If using + signerName, then the combination + of + + signerName and labelSelector + is allowed to match zero + + ClusterTrustBundles.' type: boolean path: description: Relative path from @@ -17032,10 +23887,14 @@ spec: bundle. type: string signerName: - description: |- - Select all ClusterTrustBundles that match this signer name. - Mutually-exclusive with name. The contents of all selected - ClusterTrustBundles will be unified and deduplicated. + description: 'Select all ClusterTrustBundles + that match this signer name. + + Mutually-exclusive with name. The + contents of all selected + + ClusterTrustBundles will be + unified and deduplicated.' type: string required: - path @@ -17045,14 +23904,33 @@ spec: about the configMap data to project properties: items: - description: |- - items if unspecified, each key-value pair in the Data field of the referenced - ConfigMap will be projected into the volume as a file whose name is the - key and content is the value. If specified, the listed keys will be - projected into the specified paths, and unlisted keys will not be - present. If a key is specified which is not present in the ConfigMap, - the volume setup will error unless it is marked optional. Paths must be - relative and may not contain the '..' path or start with '..'. + description: 'items if unspecified, + each key-value pair in the Data + field of the referenced + + ConfigMap will be projected + into the volume as a file whose + name is the + + key and content is the value. + If specified, the listed keys + will be + + projected into the specified + paths, and unlisted keys will + not be + + present. If a key is specified + which is not present in the + ConfigMap, + + the volume setup will error + unless it is marked optional. + Paths must be + + relative and may not contain + the ''..'' path or start with + ''..''.' items: description: Maps a string key to a path within a volume. @@ -17062,32 +23940,60 @@ spec: key to project. type: string mode: - description: |- - mode is Optional: mode bits used to set permissions on this file. - Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - If not specified, the volume defaultMode will be used. - This might be in conflict with other options that affect the file - mode, like fsGroup, and the result can be other mode bits set. + description: 'mode is Optional: + mode bits used to set + permissions on this file. + + Must be an octal value + between 0000 and 0777 + or a decimal value between + 0 and 511. + + YAML accepts both octal + and decimal values, JSON + requires decimal values + for mode bits. + + If not specified, the + volume defaultMode will + be used. + + This might be in conflict + with other options that + affect the file + + mode, like fsGroup, and + the result can be other + mode bits set.' format: int32 type: integer path: - description: |- - path is the relative path of the file to map the key to. - May not be an absolute path. - May not contain the path element '..'. - May not start with the string '..'. + description: 'path is the + relative path of the file + to map the key to. + + May not be an absolute + path. + + May not contain the path + element ''..''. + + May not start with the + string ''..''.' type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. + apiVersion, kind, uid?' type: string optional: description: optional specify @@ -17113,8 +24019,8 @@ spec: description: 'Required: Selects a field of the pod: only annotations, - labels, name and namespace - are supported.' + labels, name, namespace + and uid are supported.' properties: apiVersion: description: Version @@ -17134,13 +24040,31 @@ spec: type: object x-kubernetes-map-type: atomic mode: - description: |- - Optional: mode bits used to set permissions on this file, must be an octal value - between 0000 and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - If not specified, the volume defaultMode will be used. - This might be in conflict with other options that affect the file - mode, like fsGroup, and the result can be other mode bits set. + description: 'Optional: + mode bits used to set + permissions on this file, + must be an octal value + + between 0000 and 0777 + or a decimal value between + 0 and 511. + + YAML accepts both octal + and decimal values, JSON + requires decimal values + for mode bits. + + If not specified, the + volume defaultMode will + be used. + + This might be in conflict + with other options that + affect the file + + mode, like fsGroup, and + the result can be other + mode bits set.' format: int32 type: integer path: @@ -17156,9 +24080,14 @@ spec: ''..''' type: string resourceFieldRef: - description: |- - Selects a resource of the container: only resources limits and requests - (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + description: 'Selects a + resource of the container: + only resources limits + and requests + + (limits.cpu, limits.memory, + requests.cpu and requests.memory) + are currently supported.' properties: containerName: description: 'Container @@ -17188,20 +24117,40 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic type: object secret: description: secret information about the secret data to project properties: items: - description: |- - items if unspecified, each key-value pair in the Data field of the referenced - Secret will be projected into the volume as a file whose name is the - key and content is the value. If specified, the listed keys will be - projected into the specified paths, and unlisted keys will not be - present. If a key is specified which is not present in the Secret, - the volume setup will error unless it is marked optional. Paths must be - relative and may not contain the '..' path or start with '..'. + description: 'items if unspecified, + each key-value pair in the Data + field of the referenced + + Secret will be projected into + the volume as a file whose name + is the + + key and content is the value. + If specified, the listed keys + will be + + projected into the specified + paths, and unlisted keys will + not be + + present. If a key is specified + which is not present in the + Secret, + + the volume setup will error + unless it is marked optional. + Paths must be + + relative and may not contain + the ''..'' path or start with + ''..''.' items: description: Maps a string key to a path within a volume. @@ -17211,32 +24160,60 @@ spec: key to project. type: string mode: - description: |- - mode is Optional: mode bits used to set permissions on this file. - Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - If not specified, the volume defaultMode will be used. - This might be in conflict with other options that affect the file - mode, like fsGroup, and the result can be other mode bits set. + description: 'mode is Optional: + mode bits used to set + permissions on this file. + + Must be an octal value + between 0000 and 0777 + or a decimal value between + 0 and 511. + + YAML accepts both octal + and decimal values, JSON + requires decimal values + for mode bits. + + If not specified, the + volume defaultMode will + be used. + + This might be in conflict + with other options that + affect the file + + mode, like fsGroup, and + the result can be other + mode bits set.' format: int32 type: integer path: - description: |- - path is the relative path of the file to map the key to. - May not be an absolute path. - May not contain the path element '..'. - May not start with the string '..'. + description: 'path is the + relative path of the file + to map the key to. + + May not be an absolute + path. + + May not contain the path + element ''..''. + + May not start with the + string ''..''.' type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. + apiVersion, kind, uid?' type: string optional: description: optional field specify @@ -17251,62 +24228,97 @@ spec: data to project properties: audience: - description: |- - audience is the intended audience of the token. A recipient of a token - must identify itself with an identifier specified in the audience of the - token, and otherwise should reject the token. The audience defaults to the - identifier of the apiserver. + description: 'audience is the + intended audience of the token. + A recipient of a token + + must identify itself with an + identifier specified in the + audience of the + + token, and otherwise should + reject the token. The audience + defaults to the + + identifier of the apiserver.' type: string expirationSeconds: - description: |- - expirationSeconds is the requested duration of validity of the service - account token. As the token approaches expiration, the kubelet volume - plugin will proactively rotate the service account token. The kubelet will - start trying to rotate the token if the token is older than 80 percent of - its time to live or if the token is older than 24 hours.Defaults to 1 hour - and must be at least 10 minutes. + description: 'expirationSeconds + is the requested duration of + validity of the service + + account token. As the token + approaches expiration, the kubelet + volume + + plugin will proactively rotate + the service account token. The + kubelet will + + start trying to rotate the token + if the token is older than 80 + percent of + + its time to live or if the token + is older than 24 hours.Defaults + to 1 hour + + and must be at least 10 minutes.' format: int64 type: integer path: - description: |- - path is the path relative to the mount point of the file to project the - token into. + description: 'path is the path + relative to the mount point + of the file to project the + + token into.' type: string required: - path type: object type: object type: array + x-kubernetes-list-type: atomic type: object quobyte: description: quobyte represents a Quobyte mount on the host that shares a pod's lifetime properties: group: - description: |- - group to map volume access to - Default is no group + description: 'group to map volume access + to + + Default is no group' type: string readOnly: - description: |- - readOnly here will force the Quobyte volume to be mounted with read-only permissions. - Defaults to false. + description: 'readOnly here will force the + Quobyte volume to be mounted with read-only + permissions. + + Defaults to false.' type: boolean registry: - description: |- - registry represents a single or multiple Quobyte Registry services - specified as a string as host:port pair (multiple entries are separated with commas) - which acts as the central registry for volumes + description: 'registry represents a single + or multiple Quobyte Registry services + + specified as a string as host:port pair + (multiple entries are separated with commas) + + which acts as the central registry for + volumes' type: string tenant: - description: |- - tenant owning the given Quobyte volume in the Backend - Used with dynamically provisioned Quobyte volumes, value is set by the plugin + description: 'tenant owning the given Quobyte + volume in the Backend + + Used with dynamically provisioned Quobyte + volumes, value is set by the plugin' type: string user: - description: |- - user to map volume access to - Defaults to serivceaccount user + description: 'user to map volume access + to + + Defaults to serivceaccount user' type: string volume: description: volume is a string that references @@ -17317,68 +24329,89 @@ spec: - volume type: object rbd: - description: |- - rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. - More info: https://examples.k8s.io/volumes/rbd/README.md + description: 'rbd represents a Rados Block Device + mount on the host that shares a pod''s lifetime. + + More info: https://examples.k8s.io/volumes/rbd/README.md' properties: fsType: - description: |- - fsType is the filesystem type of the volume that you want to mount. - Tip: Ensure that the filesystem type is supported by the host operating system. - Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + description: 'fsType is the filesystem type + of the volume that you want to mount. + + Tip: Ensure that the filesystem type is + supported by the host operating system. + + Examples: "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem from compromising the machine + + TODO: how do we prevent errors in the + filesystem from compromising the machine' type: string image: - description: |- - image is the rados image name. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + description: 'image is the rados image name. + + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string keyring: - description: |- - keyring is the path to key ring for RBDUser. + description: 'keyring is the path to key + ring for RBDUser. + Default is /etc/ceph/keyring. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string monitors: - description: |- - monitors is a collection of Ceph monitors. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + description: 'monitors is a collection of + Ceph monitors. + + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' items: type: string type: array + x-kubernetes-list-type: atomic pool: - description: |- - pool is the rados pool name. + description: 'pool is the rados pool name. + Default is rbd. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string readOnly: - description: |- - readOnly here will force the ReadOnly setting in VolumeMounts. + description: 'readOnly here will force the + ReadOnly setting in VolumeMounts. + Defaults to false. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: boolean secretRef: - description: |- - secretRef is name of the authentication secret for RBDUser. If provided + description: 'secretRef is name of the authentication + secret for RBDUser. If provided + overrides keyring. + Default is nil. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, + kind, uid?' type: string type: object x-kubernetes-map-type: atomic user: - description: |- - user is the rados user name. + description: 'user is the rados user name. + Default is admin. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string required: - image @@ -17390,11 +24423,15 @@ spec: nodes. properties: fsType: - description: |- - fsType is the filesystem type to mount. - Must be a filesystem type supported by the host operating system. + description: 'fsType is the filesystem type + to mount. + + Must be a filesystem type supported by + the host operating system. + Ex. "ext4", "xfs", "ntfs". - Default is "xfs". + + Default is "xfs".' type: string gateway: description: gateway is the host address @@ -17406,20 +24443,25 @@ spec: configured storage. type: string readOnly: - description: |- - readOnly Defaults to false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. + description: 'readOnly Defaults to false + (read/write). ReadOnly here will force + + the ReadOnly setting in VolumeMounts.' type: boolean secretRef: - description: |- - secretRef references to the secret for ScaleIO user and other - sensitive information. If this is not provided, Login operation will fail. + description: 'secretRef references to the + secret for ScaleIO user and other + + sensitive information. If this is not + provided, Login operation will fail.' properties: name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, + kind, uid?' type: string type: object x-kubernetes-map-type: atomic @@ -17429,9 +24471,11 @@ spec: false type: boolean storageMode: - description: |- - storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. - Default is ThinProvisioned. + description: 'storageMode indicates whether + the storage for a volume should be ThickProvisioned + or ThinProvisioned. + + Default is ThinProvisioned.' type: string storagePool: description: storagePool is the ScaleIO @@ -17443,9 +24487,11 @@ spec: system as configured in ScaleIO. type: string volumeName: - description: |- - volumeName is the name of a volume already created in the ScaleIO system - that is associated with this volume source. + description: 'volumeName is the name of + a volume already created in the ScaleIO + system + + that is associated with this volume source.' type: string required: - gateway @@ -17453,30 +24499,57 @@ spec: - system type: object secret: - description: |- - secret represents a secret that should populate this volume. - More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + description: 'secret represents a secret that + should populate this volume. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' properties: defaultMode: - description: |- - defaultMode is Optional: mode bits used to set permissions on created files by default. - Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, JSON requires decimal values + description: 'defaultMode is Optional: mode + bits used to set permissions on created + files by default. + + Must be an octal value between 0000 and + 0777 or a decimal value between 0 and + 511. + + YAML accepts both octal and decimal values, + JSON requires decimal values + for mode bits. Defaults to 0644. - Directories within the path are not affected by this setting. - This might be in conflict with other options that affect the file - mode, like fsGroup, and the result can be other mode bits set. + + Directories within the path are not affected + by this setting. + + This might be in conflict with other options + that affect the file + + mode, like fsGroup, and the result can + be other mode bits set.' format: int32 type: integer items: - description: |- - items If unspecified, each key-value pair in the Data field of the referenced - Secret will be projected into the volume as a file whose name is the - key and content is the value. If specified, the listed keys will be - projected into the specified paths, and unlisted keys will not be - present. If a key is specified which is not present in the Secret, - the volume setup will error unless it is marked optional. Paths must be - relative and may not contain the '..' path or start with '..'. + description: 'items If unspecified, each + key-value pair in the Data field of the + referenced + + Secret will be projected into the volume + as a file whose name is the + + key and content is the value. If specified, + the listed keys will be + + projected into the specified paths, and + unlisted keys will not be + + present. If a key is specified which is + not present in the Secret, + + the volume setup will error unless it + is marked optional. Paths must be + + relative and may not contain the ''..'' + path or start with ''..''.' items: description: Maps a string key to a path within a volume. @@ -17485,35 +24558,56 @@ spec: description: key is the key to project. type: string mode: - description: |- - mode is Optional: mode bits used to set permissions on this file. - Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - If not specified, the volume defaultMode will be used. - This might be in conflict with other options that affect the file - mode, like fsGroup, and the result can be other mode bits set. + description: 'mode is Optional: mode + bits used to set permissions on + this file. + + Must be an octal value between 0000 + and 0777 or a decimal value between + 0 and 511. + + YAML accepts both octal and decimal + values, JSON requires decimal values + for mode bits. + + If not specified, the volume defaultMode + will be used. + + This might be in conflict with other + options that affect the file + + mode, like fsGroup, and the result + can be other mode bits set.' format: int32 type: integer path: - description: |- - path is the relative path of the file to map the key to. + description: 'path is the relative + path of the file to map the key + to. + May not be an absolute path. - May not contain the path element '..'. - May not start with the string '..'. + + May not contain the path element + ''..''. + + May not start with the string ''..''.' type: string required: - key - path type: object type: array + x-kubernetes-list-type: atomic optional: description: optional field specify whether the Secret or its keys must be defined type: boolean secretName: - description: |- - secretName is the name of the secret in the pod's namespace to use. - More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + description: 'secretName is the name of + the secret in the pod''s namespace to + use. + + More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' type: string type: object storageos: @@ -17522,42 +24616,63 @@ spec: nodes. properties: fsType: - description: |- - fsType is the filesystem type to mount. - Must be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + description: 'fsType is the filesystem type + to mount. + + Must be a filesystem type supported by + the host operating system. + + Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified.' type: string readOnly: - description: |- - readOnly defaults to false (read/write). ReadOnly here will force - the ReadOnly setting in VolumeMounts. + description: 'readOnly defaults to false + (read/write). ReadOnly here will force + + the ReadOnly setting in VolumeMounts.' type: boolean secretRef: - description: |- - secretRef specifies the secret to use for obtaining the StorageOS API - credentials. If not specified, default values will be attempted. + description: 'secretRef specifies the secret + to use for obtaining the StorageOS API + + credentials. If not specified, default + values will be attempted.' properties: name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, + kind, uid?' type: string type: object x-kubernetes-map-type: atomic volumeName: - description: |- - volumeName is the human-readable name of the StorageOS volume. Volume - names are only unique within a namespace. + description: 'volumeName is the human-readable + name of the StorageOS volume. Volume + + names are only unique within a namespace.' type: string volumeNamespace: - description: |- - volumeNamespace specifies the scope of the volume within StorageOS. If no - namespace is specified then the Pod's namespace will be used. This allows the - Kubernetes name scoping to be mirrored within StorageOS for tighter integration. - Set VolumeName to any name to override the default behaviour. - Set to "default" if you are not using namespaces within StorageOS. - Namespaces that do not pre-exist within StorageOS will be created. + description: 'volumeNamespace specifies + the scope of the volume within StorageOS. If + no + + namespace is specified then the Pod''s + namespace will be used. This allows the + + Kubernetes name scoping to be mirrored + within StorageOS for tighter integration. + + Set VolumeName to any name to override + the default behaviour. + + Set to "default" if you are not using + namespaces within StorageOS. + + Namespaces that do not pre-exist within + StorageOS will be created.' type: string type: object vsphereVolume: @@ -17566,10 +24681,14 @@ spec: machine properties: fsType: - description: |- - fsType is filesystem type to mount. - Must be a filesystem type supported by the host operating system. - Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + description: 'fsType is filesystem type + to mount. + + Must be a filesystem type supported by + the host operating system. + + Ex. "ext4", "xfs", "ntfs". Implicitly + inferred to be "ext4" if unspecified.' type: string storagePolicyID: description: storagePolicyID is the storage @@ -17592,6 +24711,9 @@ spec: - name type: object type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map required: - containers type: object @@ -17612,21 +24734,32 @@ spec: annotations: additionalProperties: type: string - description: |- - Annotations is an unstructured key value map stored with a resource that - may be set by external tools to store and retrieve arbitrary metadata. - They are not queryable and should be preserved when modifying objects. - More info: http:https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + description: 'Annotations is an unstructured key value map + stored with a resource that + + may be set by external tools to store and retrieve arbitrary + metadata. + + They are not queryable and should be preserved when modifying + objects. + + More info: http:https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/' type: object labels: additionalProperties: type: string - description: |- - Map of string keys and values that can be used to organize and categorize - (scope and select) objects. Labels will be merged with internal labels - used by crossplane, and labels with a crossplane.io key might be + description: 'Map of string keys and values that can be used + to organize and categorize + + (scope and select) objects. Labels will be merged with internal + labels + + used by crossplane, and labels with a crossplane.io key + might be + overwritten. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/' type: object name: description: Name is the name of the object. @@ -17643,21 +24776,32 @@ spec: annotations: additionalProperties: type: string - description: |- - Annotations is an unstructured key value map stored with a resource that - may be set by external tools to store and retrieve arbitrary metadata. - They are not queryable and should be preserved when modifying objects. - More info: http:https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + description: 'Annotations is an unstructured key value map + stored with a resource that + + may be set by external tools to store and retrieve arbitrary + metadata. + + They are not queryable and should be preserved when modifying + objects. + + More info: http:https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/' type: object labels: additionalProperties: type: string - description: |- - Map of string keys and values that can be used to organize and categorize - (scope and select) objects. Labels will be merged with internal labels - used by crossplane, and labels with a crossplane.io key might be + description: 'Map of string keys and values that can be used + to organize and categorize + + (scope and select) objects. Labels will be merged with internal + labels + + used by crossplane, and labels with a crossplane.io key + might be + overwritten. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/' type: object name: description: Name is the name of the object. @@ -17669,14 +24813,145 @@ spec: served: true storage: true subresources: {} +status: + acceptedNames: + categories: + - crossplane + kind: DeploymentRuntimeConfig + listKind: DeploymentRuntimeConfigList + plural: deploymentruntimeconfigs + singular: deploymentruntimeconfig + conditions: + - lastTransitionTime: '2024-09-06T23:42:00Z' + message: no conflicts found + reason: NoConflicts + status: 'True' + type: NamesAccepted + - lastTransitionTime: '2024-09-06T23:42:00Z' + message: the initial names have been accepted + reason: InitialNamesAccepted + status: 'True' + type: Established + storedVersions: + - v1beta1 +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.14.0 + creationTimestamp: '2024-09-06T23:42:00Z' + generation: 1 + name: environmentconfigs.apiextensions.crossplane.io + resourceVersion: '547' + uid: ca24c593-8b70-4f17-88e9-f9b0e45d754f +spec: + conversion: + strategy: None + group: apiextensions.crossplane.io + names: + categories: + - crossplane + kind: EnvironmentConfig + listKind: EnvironmentConfigList + plural: environmentconfigs + shortNames: + - envcfg + singular: environmentconfig + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: AGE + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: 'An EnvironmentConfig contains user-defined unstructured values + for + + use in a Composition. + + + + Read the Crossplane documentation for + + [more information about EnvironmentConfigs](https://docs.crossplane.io/latest/concepts/environment-configs).' + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. + + Servers should convert recognized schemas to the latest internal value, + and + + may reject unrecognized values. + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + data: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + description: 'The data of this EnvironmentConfig. + + This may contain any kind of structure that can be serialized into JSON.' + type: object + kind: + description: 'Kind is a string value representing the REST resource this + object represents. + + Servers may infer this from the endpoint the client submits requests + to. + + Cannot be updated. + + In CamelCase. + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + categories: + - crossplane + kind: EnvironmentConfig + listKind: EnvironmentConfigList + plural: environmentconfigs + shortNames: + - envcfg + singular: environmentconfig + conditions: + - lastTransitionTime: '2024-09-06T23:42:00Z' + message: no conflicts found + reason: NoConflicts + status: 'True' + type: NamesAccepted + - lastTransitionTime: '2024-09-06T23:42:00Z' + message: the initial names have been accepted + reason: InitialNamesAccepted + status: 'True' + type: Established + storedVersions: + - v1alpha1 --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.14.0 + creationTimestamp: '2024-09-06T23:42:00Z' + generation: 1 name: functionrevisions.pkg.crossplane.io + resourceVersion: '574' + uid: c491832d-e194-4fa0-a4f2-ffdd06bd7c89 spec: + conversion: + strategy: None group: pkg.crossplane.io names: categories: @@ -17710,31 +24985,42 @@ spec: - jsonPath: .metadata.creationTimestamp name: AGE type: date - name: v1beta1 + name: v1 schema: openAPIV3Schema: - description: |- - A FunctionRevision represents a revision of a Function. Crossplane + description: 'A FunctionRevision represents a revision of a Function. Crossplane + creates new revisions when there are changes to the Function. - Crossplane creates and manages FunctionRevisions. Don't directly edit - FunctionRevisions. + + Crossplane creates and manages FunctionRevisions. Don''t directly edit + + FunctionRevisions.' properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and + description: 'APIVersion defines the versioned schema of this representation + of an object. + + Servers should convert recognized schemas to the latest internal value, + and + may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. + description: 'Kind is a string value representing the REST resource this + object represents. + + Servers may infer this from the endpoint the client submits requests + to. + Cannot be updated. + In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object @@ -17744,17 +25030,22 @@ spec: commonLabels: additionalProperties: type: string - description: |- - Map of string keys and values that can be used to organize and categorize + description: 'Map of string keys and values that can be used to organize + and categorize + (scope and select) objects. May match selectors of replication controllers + and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/' type: object controllerConfigRef: - description: |- - ControllerConfigRef references a ControllerConfig resource that will be + description: 'ControllerConfigRef references a ControllerConfig resource + that will be + used to configure the packaged controller Deployment. - Deprecated: Use RuntimeConfigReference instead. + + Deprecated: Use RuntimeConfigReference instead.' properties: name: description: Name of the ControllerConfig. @@ -17768,10 +25059,12 @@ spec: type: string ignoreCrossplaneConstraints: default: false - description: |- - IgnoreCrossplaneConstraints indicates to the package manager whether to + description: 'IgnoreCrossplaneConstraints indicates to the package + manager whether to + honor Crossplane version constrains specified by the package. - Default is false. + + Default is false.' type: boolean image: description: Package image used by install Pod to extract package @@ -17779,43 +25072,54 @@ spec: type: string packagePullPolicy: default: IfNotPresent - description: |- - PackagePullPolicy defines the pull policy for the package. It is also - applied to any images pulled for the package, such as a provider's + description: 'PackagePullPolicy defines the pull policy for the package. + It is also + + applied to any images pulled for the package, such as a provider''s + controller image. - Default is IfNotPresent. + + Default is IfNotPresent.' type: string packagePullSecrets: - description: |- - PackagePullSecrets are named secrets in the same namespace that can be - used to fetch packages from private registries. They are also applied to - any images pulled for the package, such as a provider's controller image. + description: 'PackagePullSecrets are named secrets in the same namespace + that can be + + used to fetch packages from private registries. They are also applied + to + + any images pulled for the package, such as a provider''s controller + image.' items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. + description: 'LocalObjectReference contains enough information to + let you locate the + + referenced object inside the same namespace.' properties: name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic type: array revision: - description: |- - Revision number. Indicates when the revision will be garbage collected - based on the parent's RevisionHistoryLimit. + description: 'Revision number. Indicates when the revision will be + garbage collected + + based on the parent''s RevisionHistoryLimit.' format: int64 type: integer runtimeConfigRef: default: name: default - description: |- - RuntimeConfigRef references a RuntimeConfig resource that will be used - to configure the package runtime. + description: 'RuntimeConfigRef references a RuntimeConfig resource + that will be used + + to configure the package runtime.' properties: apiVersion: default: pkg.crossplane.io/v1beta1 @@ -17833,30 +25137,809 @@ spec: type: object skipDependencyResolution: default: false - description: |- - SkipDependencyResolution indicates to the package manager whether to skip - resolving dependencies for a package. Setting this value to true may have + description: 'SkipDependencyResolution indicates to the package manager + whether to skip + + resolving dependencies for a package. Setting this value to true + may have + + unintended consequences. + + Default is false.' + type: boolean + tlsClientSecretName: + description: 'TLSClientSecretName is the name of the TLS Secret that + stores client + + certificates of the Provider.' + type: string + tlsServerSecretName: + description: 'TLSServerSecretName is the name of the TLS Secret that + stores server + + certificates of the Provider.' + type: string + required: + - desiredState + - image + - revision + type: object + status: + description: FunctionRevisionStatus represents the observed state of a + FunctionRevision. + properties: + conditions: + description: Conditions of the resource. + items: + description: A Condition that may apply to a resource. + properties: + lastTransitionTime: + description: 'LastTransitionTime is the last time this condition + transitioned from one + + status to another.' + format: date-time + type: string + message: + description: 'A Message containing details about this condition''s + last transition from + + one status to another, if any.' + type: string + observedGeneration: + description: 'ObservedGeneration represents the .metadata.generation + that the condition was set based upon. + + For instance, if .metadata.generation is currently 12, but + the .status.conditions[x].observedGeneration is 9, the condition + is out of date + + with respect to the current state of the instance.' + format: int64 + type: integer + reason: + description: A Reason for this condition's last transition from + one status to another. + type: string + status: + description: Status of this condition; is it currently True, + False, or Unknown? + type: string + type: + description: 'Type of this condition. At most one of each condition + type may apply to + + a resource at any point in time.' + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + endpoint: + description: 'Endpoint is the gRPC endpoint where Crossplane will + send + + RunFunctionRequests.' + type: string + foundDependencies: + description: Dependency information. + format: int64 + type: integer + installedDependencies: + format: int64 + type: integer + invalidDependencies: + format: int64 + type: integer + objectRefs: + description: References to objects owned by PackageRevision. + items: + description: 'A TypedReference refers to an object by Name, Kind, + and APIVersion. It is + + commonly used to reference cluster-scoped objects or objects where + the + + namespace is already known.' + properties: + apiVersion: + description: APIVersion of the referenced object. + type: string + kind: + description: Kind of the referenced object. + type: string + name: + description: Name of the referenced object. + type: string + uid: + description: UID of the referenced object. + type: string + required: + - apiVersion + - kind + - name + type: object + type: array + permissionRequests: + description: 'PermissionRequests made by this package. The package + declares that its + + controller needs these permissions to run. The RBAC manager is + + responsible for granting them.' + items: + description: 'PolicyRule holds information that describes a policy + rule, but does not contain information + + about who the rule applies to or which namespace the rule applies + to.' + properties: + apiGroups: + description: 'APIGroups is the name of the APIGroup that contains + the resources. If multiple API groups are specified, any + action requested against one of + + the enumerated resources in any API group will be allowed. + "" represents the core API group and "*" represents all API + groups.' + items: + type: string + type: array + x-kubernetes-list-type: atomic + nonResourceURLs: + description: 'NonResourceURLs is a set of partial urls that + a user should have access to. *s are allowed, but only as + the full, final step in the path + + Since non-resource URLs are not namespaced, this field is + only applicable for ClusterRoles referenced from a ClusterRoleBinding. + + Rules can either apply to API resources (such as "pods" or + "secrets") or non-resource URL paths (such as "/api"), but + not both.' + items: + type: string + type: array + x-kubernetes-list-type: atomic + resourceNames: + description: ResourceNames is an optional white list of names + that the rule applies to. An empty set means that everything + is allowed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + resources: + description: Resources is a list of resources this rule applies + to. '*' represents all resources. + items: + type: string + type: array + x-kubernetes-list-type: atomic + verbs: + description: Verbs is a list of Verbs that apply to ALL the + ResourceKinds contained in this rule. '*' represents all verbs. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - verbs + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Healthy')].status + name: HEALTHY + type: string + - jsonPath: .spec.revision + name: REVISION + type: string + - jsonPath: .spec.image + name: IMAGE + type: string + - jsonPath: .spec.desiredState + name: STATE + type: string + - jsonPath: .status.foundDependencies + name: DEP-FOUND + type: string + - jsonPath: .status.installedDependencies + name: DEP-INSTALLED + type: string + - jsonPath: .metadata.creationTimestamp + name: AGE + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: 'A FunctionRevision represents a revision of a Function. Crossplane + + creates new revisions when there are changes to the Function. + + + + Crossplane creates and manages FunctionRevisions. Don''t directly edit + + FunctionRevisions.' + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. + + Servers should convert recognized schemas to the latest internal value, + and + + may reject unrecognized values. + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. + + Servers may infer this from the endpoint the client submits requests + to. + + Cannot be updated. + + In CamelCase. + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: FunctionRevisionSpec specifies configuration for a FunctionRevision. + properties: + commonLabels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used to organize + and categorize + + (scope and select) objects. May match selectors of replication controllers + + and services. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/' + type: object + controllerConfigRef: + description: 'ControllerConfigRef references a ControllerConfig resource + that will be + + used to configure the packaged controller Deployment. + + Deprecated: Use RuntimeConfigReference instead.' + properties: + name: + description: Name of the ControllerConfig. + type: string + required: + - name + type: object + desiredState: + description: DesiredState of the PackageRevision. Can be either Active + or Inactive. + type: string + ignoreCrossplaneConstraints: + default: false + description: 'IgnoreCrossplaneConstraints indicates to the package + manager whether to + + honor Crossplane version constrains specified by the package. + + Default is false.' + type: boolean + image: + description: Package image used by install Pod to extract package + contents. + type: string + packagePullPolicy: + default: IfNotPresent + description: 'PackagePullPolicy defines the pull policy for the package. + It is also + + applied to any images pulled for the package, such as a provider''s + + controller image. + + Default is IfNotPresent.' + type: string + packagePullSecrets: + description: 'PackagePullSecrets are named secrets in the same namespace + that can be + + used to fetch packages from private registries. They are also applied + to + + any images pulled for the package, such as a provider''s controller + image.' + items: + description: 'LocalObjectReference contains enough information to + let you locate the + + referenced object inside the same namespace.' + properties: + name: + description: 'Name of the referent. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + type: array + revision: + description: 'Revision number. Indicates when the revision will be + garbage collected + + based on the parent''s RevisionHistoryLimit.' + format: int64 + type: integer + runtimeConfigRef: + default: + name: default + description: 'RuntimeConfigRef references a RuntimeConfig resource + that will be used + + to configure the package runtime.' + properties: + apiVersion: + default: pkg.crossplane.io/v1beta1 + description: API version of the referent. + type: string + kind: + default: DeploymentRuntimeConfig + description: Kind of the referent. + type: string + name: + description: Name of the RuntimeConfig. + type: string + required: + - name + type: object + skipDependencyResolution: + default: false + description: 'SkipDependencyResolution indicates to the package manager + whether to skip + + resolving dependencies for a package. Setting this value to true + may have + + unintended consequences. + + Default is false.' + type: boolean + tlsClientSecretName: + description: 'TLSClientSecretName is the name of the TLS Secret that + stores client + + certificates of the Provider.' + type: string + tlsServerSecretName: + description: 'TLSServerSecretName is the name of the TLS Secret that + stores server + + certificates of the Provider.' + type: string + required: + - desiredState + - image + - revision + type: object + status: + description: FunctionRevisionStatus represents the observed state of a + FunctionRevision. + properties: + conditions: + description: Conditions of the resource. + items: + description: A Condition that may apply to a resource. + properties: + lastTransitionTime: + description: 'LastTransitionTime is the last time this condition + transitioned from one + + status to another.' + format: date-time + type: string + message: + description: 'A Message containing details about this condition''s + last transition from + + one status to another, if any.' + type: string + observedGeneration: + description: 'ObservedGeneration represents the .metadata.generation + that the condition was set based upon. + + For instance, if .metadata.generation is currently 12, but + the .status.conditions[x].observedGeneration is 9, the condition + is out of date + + with respect to the current state of the instance.' + format: int64 + type: integer + reason: + description: A Reason for this condition's last transition from + one status to another. + type: string + status: + description: Status of this condition; is it currently True, + False, or Unknown? + type: string + type: + description: 'Type of this condition. At most one of each condition + type may apply to + + a resource at any point in time.' + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + endpoint: + description: 'Endpoint is the gRPC endpoint where Crossplane will + send + + RunFunctionRequests.' + type: string + foundDependencies: + description: Dependency information. + format: int64 + type: integer + installedDependencies: + format: int64 + type: integer + invalidDependencies: + format: int64 + type: integer + objectRefs: + description: References to objects owned by PackageRevision. + items: + description: 'A TypedReference refers to an object by Name, Kind, + and APIVersion. It is + + commonly used to reference cluster-scoped objects or objects where + the + + namespace is already known.' + properties: + apiVersion: + description: APIVersion of the referenced object. + type: string + kind: + description: Kind of the referenced object. + type: string + name: + description: Name of the referenced object. + type: string + uid: + description: UID of the referenced object. + type: string + required: + - apiVersion + - kind + - name + type: object + type: array + permissionRequests: + description: 'PermissionRequests made by this package. The package + declares that its + + controller needs these permissions to run. The RBAC manager is + + responsible for granting them.' + items: + description: 'PolicyRule holds information that describes a policy + rule, but does not contain information + + about who the rule applies to or which namespace the rule applies + to.' + properties: + apiGroups: + description: 'APIGroups is the name of the APIGroup that contains + the resources. If multiple API groups are specified, any + action requested against one of + + the enumerated resources in any API group will be allowed. + "" represents the core API group and "*" represents all API + groups.' + items: + type: string + type: array + x-kubernetes-list-type: atomic + nonResourceURLs: + description: 'NonResourceURLs is a set of partial urls that + a user should have access to. *s are allowed, but only as + the full, final step in the path + + Since non-resource URLs are not namespaced, this field is + only applicable for ClusterRoles referenced from a ClusterRoleBinding. + + Rules can either apply to API resources (such as "pods" or + "secrets") or non-resource URL paths (such as "/api"), but + not both.' + items: + type: string + type: array + x-kubernetes-list-type: atomic + resourceNames: + description: ResourceNames is an optional white list of names + that the rule applies to. An empty set means that everything + is allowed. + items: + type: string + type: array + x-kubernetes-list-type: atomic + resources: + description: Resources is a list of resources this rule applies + to. '*' represents all resources. + items: + type: string + type: array + x-kubernetes-list-type: atomic + verbs: + description: Verbs is a list of Verbs that apply to ALL the + ResourceKinds contained in this rule. '*' represents all verbs. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - verbs + type: object + type: array + type: object + type: object + served: true + storage: false + subresources: + status: {} +status: + acceptedNames: + categories: + - crossplane + - pkgrev + kind: FunctionRevision + listKind: FunctionRevisionList + plural: functionrevisions + singular: functionrevision + conditions: + - lastTransitionTime: '2024-09-06T23:42:00Z' + message: no conflicts found + reason: NoConflicts + status: 'True' + type: NamesAccepted + - lastTransitionTime: '2024-09-06T23:42:00Z' + message: the initial names have been accepted + reason: InitialNamesAccepted + status: 'True' + type: Established + storedVersions: + - v1 +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.14.0 + creationTimestamp: '2024-09-06T23:42:00Z' + generation: 1 + name: functions.pkg.crossplane.io + resourceVersion: '575' + uid: a52c6304-accc-4350-aa73-f9902bd504f7 +spec: + conversion: + strategy: None + group: pkg.crossplane.io + names: + categories: + - crossplane + - pkg + kind: Function + listKind: FunctionList + plural: functions + singular: function + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Installed')].status + name: INSTALLED + type: string + - jsonPath: .status.conditions[?(@.type=='Healthy')].status + name: HEALTHY + type: string + - jsonPath: .spec.package + name: PACKAGE + type: string + - jsonPath: .metadata.creationTimestamp + name: AGE + type: date + name: v1 + schema: + openAPIV3Schema: + description: 'A Function installs an OCI compatible Crossplane package, extending + + Crossplane with support for a new kind of composition function. + + + + Read the Crossplane documentation for + + [more information about Functions](https://docs.crossplane.io/latest/concepts/composition-functions).' + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. + + Servers should convert recognized schemas to the latest internal value, + and + + may reject unrecognized values. + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. + + Servers may infer this from the endpoint the client submits requests + to. + + Cannot be updated. + + In CamelCase. + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: FunctionSpec specifies the configuration of a Function. + properties: + commonLabels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used to organize + and categorize + + (scope and select) objects. May match selectors of replication controllers + + and services. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/' + type: object + controllerConfigRef: + description: 'ControllerConfigRef references a ControllerConfig resource + that will be + + used to configure the packaged controller Deployment. + + Deprecated: Use RuntimeConfigReference instead.' + properties: + name: + description: Name of the ControllerConfig. + type: string + required: + - name + type: object + ignoreCrossplaneConstraints: + default: false + description: 'IgnoreCrossplaneConstraints indicates to the package + manager whether to + + honor Crossplane version constrains specified by the package. + + Default is false.' + type: boolean + package: + description: Package is the name of the package that is being requested. + type: string + packagePullPolicy: + default: IfNotPresent + description: 'PackagePullPolicy defines the pull policy for the package. + + Default is IfNotPresent.' + type: string + packagePullSecrets: + description: 'PackagePullSecrets are named secrets in the same namespace + that can be used + + to fetch packages from private registries.' + items: + description: 'LocalObjectReference contains enough information to + let you locate the + + referenced object inside the same namespace.' + properties: + name: + description: 'Name of the referent. + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + type: array + revisionActivationPolicy: + default: Automatic + description: 'RevisionActivationPolicy specifies how the package controller + should + + update from one revision to the next. Options are Automatic or Manual. + + Default is Automatic.' + type: string + revisionHistoryLimit: + default: 1 + description: 'RevisionHistoryLimit dictates how the package controller + cleans up old + + inactive package revisions. + + Defaults to 1. Can be disabled by explicitly setting to 0.' + format: int64 + type: integer + runtimeConfigRef: + default: + name: default + description: 'RuntimeConfigRef references a RuntimeConfig resource + that will be used + + to configure the package runtime.' + properties: + apiVersion: + default: pkg.crossplane.io/v1beta1 + description: API version of the referent. + type: string + kind: + default: DeploymentRuntimeConfig + description: Kind of the referent. + type: string + name: + description: Name of the RuntimeConfig. + type: string + required: + - name + type: object + skipDependencyResolution: + default: false + description: 'SkipDependencyResolution indicates to the package manager + whether to skip + + resolving dependencies for a package. Setting this value to true + may have + unintended consequences. - Default is false. + + Default is false.' type: boolean - tlsClientSecretName: - description: |- - TLSClientSecretName is the name of the TLS Secret that stores client - certificates of the Provider. - type: string - tlsServerSecretName: - description: |- - TLSServerSecretName is the name of the TLS Secret that stores server - certificates of the Provider. - type: string required: - - desiredState - - image - - revision + - package type: object status: - description: FunctionRevisionStatus represents the observed state of a - FunctionRevision. + description: FunctionStatus represents the observed state of a Function. properties: conditions: description: Conditions of the resource. @@ -17864,21 +25947,27 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: |- - LastTransitionTime is the last time this condition transitioned from one - status to another. + description: 'LastTransitionTime is the last time this condition + transitioned from one + + status to another.' format: date-time type: string message: - description: |- - A Message containing details about this condition's last transition from - one status to another, if any. + description: 'A Message containing details about this condition''s + last transition from + + one status to another, if any.' type: string observedGeneration: - description: |- - ObservedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. + description: 'ObservedGeneration represents the .metadata.generation + that the condition was set based upon. + + For instance, if .metadata.generation is currently 12, but + the .status.conditions[x].observedGeneration is 9, the condition + is out of date + + with respect to the current state of the instance.' format: int64 type: integer reason: @@ -17890,9 +25979,10 @@ spec: False, or Unknown? type: string type: - description: |- - Type of this condition. At most one of each condition type may apply to - a resource at any point in time. + description: 'Type of this condition. At most one of each condition + type may apply to + + a resource at any point in time.' type: string required: - lastTransitionTime @@ -17904,120 +25994,37 @@ spec: x-kubernetes-list-map-keys: - type x-kubernetes-list-type: map - endpoint: - description: |- - Endpoint is the gRPC endpoint where Crossplane will send - RunFunctionRequests. + currentIdentifier: + description: 'CurrentIdentifier is the most recent package source + that was used to + + produce a revision. The package manager uses this field to determine + + whether to check for package updates for a given source when + + packagePullPolicy is set to IfNotPresent. Manually removing this + field + + will cause the package manager to check that the current revision + is + + correct for the given package source.' + type: string + currentRevision: + description: 'CurrentRevision is the name of the current package revision. + It will + + reflect the most up to date revision, whether it has been activated + or + + not.' type: string - foundDependencies: - description: Dependency information. - format: int64 - type: integer - installedDependencies: - format: int64 - type: integer - invalidDependencies: - format: int64 - type: integer - objectRefs: - description: References to objects owned by PackageRevision. - items: - description: |- - A TypedReference refers to an object by Name, Kind, and APIVersion. It is - commonly used to reference cluster-scoped objects or objects where the - namespace is already known. - properties: - apiVersion: - description: APIVersion of the referenced object. - type: string - kind: - description: Kind of the referenced object. - type: string - name: - description: Name of the referenced object. - type: string - uid: - description: UID of the referenced object. - type: string - required: - - apiVersion - - kind - - name - type: object - type: array - permissionRequests: - description: |- - PermissionRequests made by this package. The package declares that its - controller needs these permissions to run. The RBAC manager is - responsible for granting them. - items: - description: |- - PolicyRule holds information that describes a policy rule, but does not contain information - about who the rule applies to or which namespace the rule applies to. - properties: - apiGroups: - description: |- - APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of - the enumerated resources in any API group will be allowed. "" represents the core API group and "*" represents all API groups. - items: - type: string - type: array - nonResourceURLs: - description: |- - NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path - Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding. - Rules can either apply to API resources (such as "pods" or "secrets") or non-resource URL paths (such as "/api"), but not both. - items: - type: string - type: array - resourceNames: - description: ResourceNames is an optional white list of names - that the rule applies to. An empty set means that everything - is allowed. - items: - type: string - type: array - resources: - description: Resources is a list of resources this rule applies - to. '*' represents all resources. - items: - type: string - type: array - verbs: - description: Verbs is a list of Verbs that apply to ALL the - ResourceKinds contained in this rule. '*' represents all verbs. - items: - type: string - type: array - required: - - verbs - type: object - type: array type: object type: object served: true storage: true subresources: status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: functions.pkg.crossplane.io -spec: - group: pkg.crossplane.io - names: - categories: - - crossplane - - pkg - kind: Function - listKind: FunctionList - plural: functions - singular: function - scope: Cluster - versions: - additionalPrinterColumns: - jsonPath: .status.conditions[?(@.type=='Installed')].status name: INSTALLED @@ -18034,28 +26041,39 @@ spec: name: v1beta1 schema: openAPIV3Schema: - description: |- - A Function installs an OCI compatible Crossplane package, extending + description: 'A Function installs an OCI compatible Crossplane package, extending + Crossplane with support for a new kind of composition function. + Read the Crossplane documentation for - [more information about Functions](https://docs.crossplane.io/latest/concepts/composition-functions). + + [more information about Functions](https://docs.crossplane.io/latest/concepts/composition-functions).' properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and + description: 'APIVersion defines the versioned schema of this representation + of an object. + + Servers should convert recognized schemas to the latest internal value, + and + may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. + description: 'Kind is a string value representing the REST resource this + object represents. + + Servers may infer this from the endpoint the client submits requests + to. + Cannot be updated. + In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object @@ -18065,17 +26083,22 @@ spec: commonLabels: additionalProperties: type: string - description: |- - Map of string keys and values that can be used to organize and categorize + description: 'Map of string keys and values that can be used to organize + and categorize + (scope and select) objects. May match selectors of replication controllers + and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/' type: object controllerConfigRef: - description: |- - ControllerConfigRef references a ControllerConfig resource that will be + description: 'ControllerConfigRef references a ControllerConfig resource + that will be + used to configure the packaged controller Deployment. - Deprecated: Use RuntimeConfigReference instead. + + Deprecated: Use RuntimeConfigReference instead.' properties: name: description: Name of the ControllerConfig. @@ -18085,59 +26108,69 @@ spec: type: object ignoreCrossplaneConstraints: default: false - description: |- - IgnoreCrossplaneConstraints indicates to the package manager whether to + description: 'IgnoreCrossplaneConstraints indicates to the package + manager whether to + honor Crossplane version constrains specified by the package. - Default is false. + + Default is false.' type: boolean package: description: Package is the name of the package that is being requested. type: string packagePullPolicy: default: IfNotPresent - description: |- - PackagePullPolicy defines the pull policy for the package. - Default is IfNotPresent. + description: 'PackagePullPolicy defines the pull policy for the package. + + Default is IfNotPresent.' type: string packagePullSecrets: - description: |- - PackagePullSecrets are named secrets in the same namespace that can be used - to fetch packages from private registries. + description: 'PackagePullSecrets are named secrets in the same namespace + that can be used + + to fetch packages from private registries.' items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. + description: 'LocalObjectReference contains enough information to + let you locate the + + referenced object inside the same namespace.' properties: name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic type: array revisionActivationPolicy: default: Automatic - description: |- - RevisionActivationPolicy specifies how the package controller should + description: 'RevisionActivationPolicy specifies how the package controller + should + update from one revision to the next. Options are Automatic or Manual. - Default is Automatic. + + Default is Automatic.' type: string revisionHistoryLimit: default: 1 - description: |- - RevisionHistoryLimit dictates how the package controller cleans up old + description: 'RevisionHistoryLimit dictates how the package controller + cleans up old + inactive package revisions. - Defaults to 1. Can be disabled by explicitly setting to 0. + + Defaults to 1. Can be disabled by explicitly setting to 0.' format: int64 type: integer runtimeConfigRef: default: name: default - description: |- - RuntimeConfigRef references a RuntimeConfig resource that will be used - to configure the package runtime. + description: 'RuntimeConfigRef references a RuntimeConfig resource + that will be used + + to configure the package runtime.' properties: apiVersion: default: pkg.crossplane.io/v1beta1 @@ -18155,11 +26188,15 @@ spec: type: object skipDependencyResolution: default: false - description: |- - SkipDependencyResolution indicates to the package manager whether to skip - resolving dependencies for a package. Setting this value to true may have + description: 'SkipDependencyResolution indicates to the package manager + whether to skip + + resolving dependencies for a package. Setting this value to true + may have + unintended consequences. - Default is false. + + Default is false.' type: boolean required: - package @@ -18173,21 +26210,27 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: |- - LastTransitionTime is the last time this condition transitioned from one - status to another. + description: 'LastTransitionTime is the last time this condition + transitioned from one + + status to another.' format: date-time type: string message: - description: |- - A Message containing details about this condition's last transition from - one status to another, if any. + description: 'A Message containing details about this condition''s + last transition from + + one status to another, if any.' type: string observedGeneration: - description: |- - ObservedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. + description: 'ObservedGeneration represents the .metadata.generation + that the condition was set based upon. + + For instance, if .metadata.generation is currently 12, but + the .status.conditions[x].observedGeneration is 9, the condition + is out of date + + with respect to the current state of the instance.' format: int64 type: integer reason: @@ -18199,9 +26242,10 @@ spec: False, or Unknown? type: string type: - description: |- - Type of this condition. At most one of each condition type may apply to - a resource at any point in time. + description: 'Type of this condition. At most one of each condition + type may apply to + + a resource at any point in time.' type: string required: - lastTransitionTime @@ -18214,34 +26258,72 @@ spec: - type x-kubernetes-list-type: map currentIdentifier: - description: |- - CurrentIdentifier is the most recent package source that was used to + description: 'CurrentIdentifier is the most recent package source + that was used to + produce a revision. The package manager uses this field to determine + whether to check for package updates for a given source when - packagePullPolicy is set to IfNotPresent. Manually removing this field - will cause the package manager to check that the current revision is - correct for the given package source. + + packagePullPolicy is set to IfNotPresent. Manually removing this + field + + will cause the package manager to check that the current revision + is + + correct for the given package source.' type: string currentRevision: - description: |- - CurrentRevision is the name of the current package revision. It will - reflect the most up to date revision, whether it has been activated or - not. + description: 'CurrentRevision is the name of the current package revision. + It will + + reflect the most up to date revision, whether it has been activated + or + + not.' type: string type: object type: object served: true - storage: true + storage: false subresources: status: {} +status: + acceptedNames: + categories: + - crossplane + - pkg + kind: Function + listKind: FunctionList + plural: functions + singular: function + conditions: + - lastTransitionTime: '2024-09-06T23:42:00Z' + message: no conflicts found + reason: NoConflicts + status: 'True' + type: NamesAccepted + - lastTransitionTime: '2024-09-06T23:42:00Z' + message: the initial names have been accepted + reason: InitialNamesAccepted + status: 'True' + type: Established + storedVersions: + - v1 --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.14.0 + creationTimestamp: '2024-09-06T23:42:00Z' + generation: 1 name: locks.pkg.crossplane.io + resourceVersion: '576' + uid: 08cb003e-1b2d-46ac-917b-425b4119dec8 spec: + conversion: + strategy: None group: pkg.crossplane.io names: kind: Lock @@ -18260,19 +26342,28 @@ spec: description: Lock is the CRD type that tracks package dependencies. properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and + description: 'APIVersion defines the versioned schema of this representation + of an object. + + Servers should convert recognized schemas to the latest internal value, + and + may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. + description: 'Kind is a string value representing the REST resource this + object represents. + + Servers may infer this from the endpoint the client submits requests + to. + Cannot be updated. + In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object @@ -18281,17 +26372,19 @@ spec: description: LockPackage is a package that is in the lock. properties: dependencies: - description: |- - Dependencies are the list of dependencies of this package. The order of - the dependencies will dictate the order in which they are resolved. + description: 'Dependencies are the list of dependencies of this + package. The order of + + the dependencies will dictate the order in which they are resolved.' items: description: A Dependency is a dependency of a package in the lock. properties: constraints: - description: |- - Constraints is a valid semver range, which will be used to select a valid - dependency version. + description: 'Constraints is a valid semver range, which will + be used to select a valid + + dependency version.' type: string package: description: Package is the OCI image name without a tag or @@ -18334,14 +26427,39 @@ spec: storage: true subresources: status: {} +status: + acceptedNames: + kind: Lock + listKind: LockList + plural: locks + singular: lock + conditions: + - lastTransitionTime: '2024-09-06T23:42:00Z' + message: no conflicts found + reason: NoConflicts + status: 'True' + type: NamesAccepted + - lastTransitionTime: '2024-09-06T23:42:00Z' + message: the initial names have been accepted + reason: InitialNamesAccepted + status: 'True' + type: Established + storedVersions: + - v1beta1 --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.14.0 + creationTimestamp: '2024-09-06T23:42:00Z' + generation: 1 name: providerrevisions.pkg.crossplane.io + resourceVersion: '577' + uid: d34c7cb4-2fd1-44b4-aacf-f52dd1c5b3db spec: + conversion: + strategy: None group: pkg.crossplane.io names: categories: @@ -18378,28 +26496,39 @@ spec: name: v1 schema: openAPIV3Schema: - description: |- - A ProviderRevision represents a revision of a Provider. Crossplane + description: 'A ProviderRevision represents a revision of a Provider. Crossplane + creates new revisions when there are changes to a Provider. - Crossplane creates and manages ProviderRevisions. Don't directly edit - ProviderRevisions. + + Crossplane creates and manages ProviderRevisions. Don''t directly edit + + ProviderRevisions.' properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and + description: 'APIVersion defines the versioned schema of this representation + of an object. + + Servers should convert recognized schemas to the latest internal value, + and + may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. + description: 'Kind is a string value representing the REST resource this + object represents. + + Servers may infer this from the endpoint the client submits requests + to. + Cannot be updated. + In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object @@ -18409,17 +26538,22 @@ spec: commonLabels: additionalProperties: type: string - description: |- - Map of string keys and values that can be used to organize and categorize + description: 'Map of string keys and values that can be used to organize + and categorize + (scope and select) objects. May match selectors of replication controllers + and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/' type: object controllerConfigRef: - description: |- - ControllerConfigRef references a ControllerConfig resource that will be + description: 'ControllerConfigRef references a ControllerConfig resource + that will be + used to configure the packaged controller Deployment. - Deprecated: Use RuntimeConfigReference instead. + + Deprecated: Use RuntimeConfigReference instead.' properties: name: description: Name of the ControllerConfig. @@ -18433,10 +26567,12 @@ spec: type: string ignoreCrossplaneConstraints: default: false - description: |- - IgnoreCrossplaneConstraints indicates to the package manager whether to + description: 'IgnoreCrossplaneConstraints indicates to the package + manager whether to + honor Crossplane version constrains specified by the package. - Default is false. + + Default is false.' type: boolean image: description: Package image used by install Pod to extract package @@ -18444,43 +26580,54 @@ spec: type: string packagePullPolicy: default: IfNotPresent - description: |- - PackagePullPolicy defines the pull policy for the package. It is also - applied to any images pulled for the package, such as a provider's + description: 'PackagePullPolicy defines the pull policy for the package. + It is also + + applied to any images pulled for the package, such as a provider''s + controller image. - Default is IfNotPresent. + + Default is IfNotPresent.' type: string packagePullSecrets: - description: |- - PackagePullSecrets are named secrets in the same namespace that can be - used to fetch packages from private registries. They are also applied to - any images pulled for the package, such as a provider's controller image. + description: 'PackagePullSecrets are named secrets in the same namespace + that can be + + used to fetch packages from private registries. They are also applied + to + + any images pulled for the package, such as a provider''s controller + image.' items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. + description: 'LocalObjectReference contains enough information to + let you locate the + + referenced object inside the same namespace.' properties: name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic type: array revision: - description: |- - Revision number. Indicates when the revision will be garbage collected - based on the parent's RevisionHistoryLimit. + description: 'Revision number. Indicates when the revision will be + garbage collected + + based on the parent''s RevisionHistoryLimit.' format: int64 type: integer runtimeConfigRef: default: name: default - description: |- - RuntimeConfigRef references a RuntimeConfig resource that will be used - to configure the package runtime. + description: 'RuntimeConfigRef references a RuntimeConfig resource + that will be used + + to configure the package runtime.' properties: apiVersion: default: pkg.crossplane.io/v1beta1 @@ -18498,21 +26645,27 @@ spec: type: object skipDependencyResolution: default: false - description: |- - SkipDependencyResolution indicates to the package manager whether to skip - resolving dependencies for a package. Setting this value to true may have + description: 'SkipDependencyResolution indicates to the package manager + whether to skip + + resolving dependencies for a package. Setting this value to true + may have + unintended consequences. - Default is false. + + Default is false.' type: boolean tlsClientSecretName: - description: |- - TLSClientSecretName is the name of the TLS Secret that stores client - certificates of the Provider. + description: 'TLSClientSecretName is the name of the TLS Secret that + stores client + + certificates of the Provider.' type: string tlsServerSecretName: - description: |- - TLSServerSecretName is the name of the TLS Secret that stores server - certificates of the Provider. + description: 'TLSServerSecretName is the name of the TLS Secret that + stores server + + certificates of the Provider.' type: string required: - desiredState @@ -18529,21 +26682,27 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: |- - LastTransitionTime is the last time this condition transitioned from one - status to another. + description: 'LastTransitionTime is the last time this condition + transitioned from one + + status to another.' format: date-time type: string message: - description: |- - A Message containing details about this condition's last transition from - one status to another, if any. + description: 'A Message containing details about this condition''s + last transition from + + one status to another, if any.' type: string observedGeneration: - description: |- - ObservedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. + description: 'ObservedGeneration represents the .metadata.generation + that the condition was set based upon. + + For instance, if .metadata.generation is currently 12, but + the .status.conditions[x].observedGeneration is 9, the condition + is out of date + + with respect to the current state of the instance.' format: int64 type: integer reason: @@ -18555,9 +26714,10 @@ spec: False, or Unknown? type: string type: - description: |- - Type of this condition. At most one of each condition type may apply to - a resource at any point in time. + description: 'Type of this condition. At most one of each condition + type may apply to + + a resource at any point in time.' type: string required: - lastTransitionTime @@ -18582,10 +26742,13 @@ spec: objectRefs: description: References to objects owned by PackageRevision. items: - description: |- - A TypedReference refers to an object by Name, Kind, and APIVersion. It is - commonly used to reference cluster-scoped objects or objects where the - namespace is already known. + description: 'A TypedReference refers to an object by Name, Kind, + and APIVersion. It is + + commonly used to reference cluster-scoped objects or objects where + the + + namespace is already known.' properties: apiVersion: description: APIVersion of the referenced object. @@ -18606,30 +26769,46 @@ spec: type: object type: array permissionRequests: - description: |- - PermissionRequests made by this package. The package declares that its + description: 'PermissionRequests made by this package. The package + declares that its + controller needs these permissions to run. The RBAC manager is - responsible for granting them. + + responsible for granting them.' items: - description: |- - PolicyRule holds information that describes a policy rule, but does not contain information - about who the rule applies to or which namespace the rule applies to. + description: 'PolicyRule holds information that describes a policy + rule, but does not contain information + + about who the rule applies to or which namespace the rule applies + to.' properties: apiGroups: - description: |- - APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of - the enumerated resources in any API group will be allowed. "" represents the core API group and "*" represents all API groups. + description: 'APIGroups is the name of the APIGroup that contains + the resources. If multiple API groups are specified, any + action requested against one of + + the enumerated resources in any API group will be allowed. + "" represents the core API group and "*" represents all API + groups.' items: type: string type: array + x-kubernetes-list-type: atomic nonResourceURLs: - description: |- - NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path - Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding. - Rules can either apply to API resources (such as "pods" or "secrets") or non-resource URL paths (such as "/api"), but not both. + description: 'NonResourceURLs is a set of partial urls that + a user should have access to. *s are allowed, but only as + the full, final step in the path + + Since non-resource URLs are not namespaced, this field is + only applicable for ClusterRoles referenced from a ClusterRoleBinding. + + Rules can either apply to API resources (such as "pods" or + "secrets") or non-resource URL paths (such as "/api"), but + not both.' items: type: string type: array + x-kubernetes-list-type: atomic resourceNames: description: ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything @@ -18637,18 +26816,21 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic resources: description: Resources is a list of resources this rule applies to. '*' represents all resources. items: type: string type: array + x-kubernetes-list-type: atomic verbs: description: Verbs is a list of Verbs that apply to ALL the ResourceKinds contained in this rule. '*' represents all verbs. items: type: string type: array + x-kubernetes-list-type: atomic required: - verbs type: object @@ -18659,14 +26841,42 @@ spec: storage: true subresources: status: {} +status: + acceptedNames: + categories: + - crossplane + - pkgrev + kind: ProviderRevision + listKind: ProviderRevisionList + plural: providerrevisions + singular: providerrevision + conditions: + - lastTransitionTime: '2024-09-06T23:42:00Z' + message: no conflicts found + reason: NoConflicts + status: 'True' + type: NamesAccepted + - lastTransitionTime: '2024-09-06T23:42:00Z' + message: the initial names have been accepted + reason: InitialNamesAccepted + status: 'True' + type: Established + storedVersions: + - v1 --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.14.0 + creationTimestamp: '2024-09-06T23:42:00Z' + generation: 1 name: providers.pkg.crossplane.io + resourceVersion: '578' + uid: fc21b65b-a226-46d7-ac90-6339424eb874 spec: + conversion: + strategy: None group: pkg.crossplane.io names: categories: @@ -18694,50 +26904,67 @@ spec: name: v1 schema: openAPIV3Schema: - description: |- - A Provider installs an OCI compatible Crossplane package, extending + description: 'A Provider installs an OCI compatible Crossplane package, extending + Crossplane with support for new kinds of managed resources. + Read the Crossplane documentation for - [more information about Providers](https://docs.crossplane.io/latest/concepts/providers). + + [more information about Providers](https://docs.crossplane.io/latest/concepts/providers).' properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and + description: 'APIVersion defines the versioned schema of this representation + of an object. + + Servers should convert recognized schemas to the latest internal value, + and + may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. + description: 'Kind is a string value representing the REST resource this + object represents. + + Servers may infer this from the endpoint the client submits requests + to. + Cannot be updated. + In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: |- - ProviderSpec specifies details about a request to install a provider to - Crossplane. + description: 'ProviderSpec specifies details about a request to install + a provider to + + Crossplane.' properties: commonLabels: additionalProperties: type: string - description: |- - Map of string keys and values that can be used to organize and categorize + description: 'Map of string keys and values that can be used to organize + and categorize + (scope and select) objects. May match selectors of replication controllers + and services. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/' type: object controllerConfigRef: - description: |- - ControllerConfigRef references a ControllerConfig resource that will be + description: 'ControllerConfigRef references a ControllerConfig resource + that will be + used to configure the packaged controller Deployment. - Deprecated: Use RuntimeConfigReference instead. + + Deprecated: Use RuntimeConfigReference instead.' properties: name: description: Name of the ControllerConfig. @@ -18747,59 +26974,69 @@ spec: type: object ignoreCrossplaneConstraints: default: false - description: |- - IgnoreCrossplaneConstraints indicates to the package manager whether to + description: 'IgnoreCrossplaneConstraints indicates to the package + manager whether to + honor Crossplane version constrains specified by the package. - Default is false. + + Default is false.' type: boolean package: description: Package is the name of the package that is being requested. type: string packagePullPolicy: default: IfNotPresent - description: |- - PackagePullPolicy defines the pull policy for the package. - Default is IfNotPresent. + description: 'PackagePullPolicy defines the pull policy for the package. + + Default is IfNotPresent.' type: string packagePullSecrets: - description: |- - PackagePullSecrets are named secrets in the same namespace that can be used - to fetch packages from private registries. + description: 'PackagePullSecrets are named secrets in the same namespace + that can be used + + to fetch packages from private registries.' items: - description: |- - LocalObjectReference contains enough information to let you locate the - referenced object inside the same namespace. + description: 'LocalObjectReference contains enough information to + let you locate the + + referenced object inside the same namespace.' properties: name: - description: |- - Name of the referent. + description: 'Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid? + + TODO: Add other useful fields. apiVersion, kind, uid?' type: string type: object x-kubernetes-map-type: atomic type: array revisionActivationPolicy: default: Automatic - description: |- - RevisionActivationPolicy specifies how the package controller should + description: 'RevisionActivationPolicy specifies how the package controller + should + update from one revision to the next. Options are Automatic or Manual. - Default is Automatic. + + Default is Automatic.' type: string revisionHistoryLimit: default: 1 - description: |- - RevisionHistoryLimit dictates how the package controller cleans up old + description: 'RevisionHistoryLimit dictates how the package controller + cleans up old + inactive package revisions. - Defaults to 1. Can be disabled by explicitly setting to 0. + + Defaults to 1. Can be disabled by explicitly setting to 0.' format: int64 type: integer runtimeConfigRef: default: name: default - description: |- - RuntimeConfigRef references a RuntimeConfig resource that will be used - to configure the package runtime. + description: 'RuntimeConfigRef references a RuntimeConfig resource + that will be used + + to configure the package runtime.' properties: apiVersion: default: pkg.crossplane.io/v1beta1 @@ -18817,11 +27054,15 @@ spec: type: object skipDependencyResolution: default: false - description: |- - SkipDependencyResolution indicates to the package manager whether to skip - resolving dependencies for a package. Setting this value to true may have + description: 'SkipDependencyResolution indicates to the package manager + whether to skip + + resolving dependencies for a package. Setting this value to true + may have + unintended consequences. - Default is false. + + Default is false.' type: boolean required: - package @@ -18835,21 +27076,27 @@ spec: description: A Condition that may apply to a resource. properties: lastTransitionTime: - description: |- - LastTransitionTime is the last time this condition transitioned from one - status to another. + description: 'LastTransitionTime is the last time this condition + transitioned from one + + status to another.' format: date-time type: string message: - description: |- - A Message containing details about this condition's last transition from - one status to another, if any. + description: 'A Message containing details about this condition''s + last transition from + + one status to another, if any.' type: string observedGeneration: - description: |- - ObservedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. + description: 'ObservedGeneration represents the .metadata.generation + that the condition was set based upon. + + For instance, if .metadata.generation is currently 12, but + the .status.conditions[x].observedGeneration is 9, the condition + is out of date + + with respect to the current state of the instance.' format: int64 type: integer reason: @@ -18861,9 +27108,10 @@ spec: False, or Unknown? type: string type: - description: |- - Type of this condition. At most one of each condition type may apply to - a resource at any point in time. + description: 'Type of this condition. At most one of each condition + type may apply to + + a resource at any point in time.' type: string required: - lastTransitionTime @@ -18876,19 +27124,29 @@ spec: - type x-kubernetes-list-type: map currentIdentifier: - description: |- - CurrentIdentifier is the most recent package source that was used to + description: 'CurrentIdentifier is the most recent package source + that was used to + produce a revision. The package manager uses this field to determine + whether to check for package updates for a given source when - packagePullPolicy is set to IfNotPresent. Manually removing this field - will cause the package manager to check that the current revision is - correct for the given package source. + + packagePullPolicy is set to IfNotPresent. Manually removing this + field + + will cause the package manager to check that the current revision + is + + correct for the given package source.' type: string currentRevision: - description: |- - CurrentRevision is the name of the current package revision. It will - reflect the most up to date revision, whether it has been activated or - not. + description: 'CurrentRevision is the name of the current package revision. + It will + + reflect the most up to date revision, whether it has been activated + or + + not.' type: string type: object type: object @@ -18896,14 +27154,42 @@ spec: storage: true subresources: status: {} +status: + acceptedNames: + categories: + - crossplane + - pkg + kind: Provider + listKind: ProviderList + plural: providers + singular: provider + conditions: + - lastTransitionTime: '2024-09-06T23:42:00Z' + message: no conflicts found + reason: NoConflicts + status: 'True' + type: NamesAccepted + - lastTransitionTime: '2024-09-06T23:42:00Z' + message: the initial names have been accepted + reason: InitialNamesAccepted + status: 'True' + type: Established + storedVersions: + - v1 --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.14.0 + creationTimestamp: '2024-09-06T23:42:00Z' + generation: 1 name: storeconfigs.secrets.crossplane.io + resourceVersion: '579' + uid: 1daf5ff9-6369-407f-8800-ad205d9b2d26 spec: + conversion: + strategy: None group: secrets.crossplane.io names: categories: @@ -18928,24 +27214,34 @@ spec: name: v1alpha1 schema: openAPIV3Schema: - description: |- - A StoreConfig configures how Crossplane controllers should store connection - details in an external secret store. + description: 'A StoreConfig configures how Crossplane controllers should store + connection + + details in an external secret store.' properties: apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and + description: 'APIVersion defines the versioned schema of this representation + of an object. + + Servers should convert recognized schemas to the latest internal value, + and + may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. + description: 'Kind is a string value representing the REST resource this + object represents. + + Servers may infer this from the endpoint the client submits requests + to. + Cannot be updated. + In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object @@ -18953,26 +27249,34 @@ spec: description: A StoreConfigSpec defines the desired state of a StoreConfig. properties: defaultScope: - description: |- - DefaultScope used for scoping secrets for "cluster-scoped" resources. - If store type is "Kubernetes", this would mean the default namespace to + description: 'DefaultScope used for scoping secrets for "cluster-scoped" + resources. + + If store type is "Kubernetes", this would mean the default namespace + to + store connection secrets for cluster scoped resources. + In case of "Vault", this would be used as the default parent path. - Typically, should be set as Crossplane installation namespace. + + Typically, should be set as Crossplane installation namespace.' type: string kubernetes: - description: |- - Kubernetes configures a Kubernetes secret store. - If the "type" is "Kubernetes" but no config provided, in cluster config - will be used. + description: 'Kubernetes configures a Kubernetes secret store. + + If the "type" is "Kubernetes" but no config provided, in cluster + config + + will be used.' properties: auth: description: Credentials used to connect to the Kubernetes API. properties: env: - description: |- - Env is a reference to an environment variable that contains credentials - that must be used to connect to the provider. + description: 'Env is a reference to an environment variable + that contains credentials + + that must be used to connect to the provider.' properties: name: description: Name is the name of an environment variable. @@ -18981,9 +27285,10 @@ spec: - name type: object fs: - description: |- - Fs is a reference to a filesystem location that contains credentials that - must be used to connect to the provider. + description: 'Fs is a reference to a filesystem location that + contains credentials that + + must be used to connect to the provider.' properties: path: description: Path is a filesystem path. @@ -18992,9 +27297,10 @@ spec: - path type: object secretRef: - description: |- - A SecretRef is a reference to a secret key that contains the credentials - that must be used to connect to the provider. + description: 'A SecretRef is a reference to a secret key that + contains the credentials + + that must be used to connect to the provider.' properties: key: description: The key to select. @@ -19050,10 +27356,13 @@ spec: type: object type: default: Kubernetes - description: |- - Type configures which secret store to be used. Only the configuration - block for this store will be used and others will be ignored if provided. - Default is Kubernetes. + description: 'Type configures which secret store to be used. Only + the configuration + + block for this store will be used and others will be ignored if + provided. + + Default is Kubernetes.' enum: - Kubernetes - Vault @@ -19068,3 +27377,292 @@ spec: served: true storage: true subresources: {} +status: + acceptedNames: + categories: + - crossplane + - store + kind: StoreConfig + listKind: StoreConfigList + plural: storeconfigs + singular: storeconfig + conditions: + - lastTransitionTime: '2024-09-06T23:42:00Z' + message: no conflicts found + reason: NoConflicts + status: 'True' + type: NamesAccepted + - lastTransitionTime: '2024-09-06T23:42:00Z' + message: the initial names have been accepted + reason: InitialNamesAccepted + status: 'True' + type: Established + storedVersions: + - v1alpha1 +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.14.0 + creationTimestamp: '2024-09-06T23:42:00Z' + generation: 1 + name: usages.apiextensions.crossplane.io + resourceVersion: '548' + uid: 3eccb949-37c6-4750-96ec-b3f21a2b691e +spec: + conversion: + strategy: None + group: apiextensions.crossplane.io + names: + categories: + - crossplane + kind: Usage + listKind: UsageList + plural: usages + singular: usage + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.annotations.crossplane\.io/usage-details + name: DETAILS + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: READY + type: string + - jsonPath: .metadata.creationTimestamp + name: AGE + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: 'A Usage defines a deletion blocking relationship between two + resources. + + + + Usages prevent accidental deletion of a single resource or deletion of + + resources with dependent resources. + + + + Read the Crossplane documentation for + + [more information about Compositions](https://docs.crossplane.io/latest/concepts/usages).' + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. + + Servers should convert recognized schemas to the latest internal value, + and + + may reject unrecognized values. + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. + + Servers may infer this from the endpoint the client submits requests + to. + + Cannot be updated. + + In CamelCase. + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: UsageSpec defines the desired state of Usage. + properties: + by: + description: By is the resource that is "using the other resource". + properties: + apiVersion: + description: API version of the referent. + type: string + kind: + description: 'Kind of the referent. + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + resourceRef: + description: Reference to the resource. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + resourceSelector: + description: 'Selector to the resource. + + This field will be ignored if ResourceRef is set.' + properties: + matchControllerRef: + description: 'MatchControllerRef ensures an object with the + same controller reference + + as the selecting object is selected.' + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + type: object + type: object + x-kubernetes-validations: + - message: either a resource reference or a resource selector should + be set. + rule: has(self.resourceRef) || has(self.resourceSelector) + of: + description: Of is the resource that is "being used". + properties: + apiVersion: + description: API version of the referent. + type: string + kind: + description: 'Kind of the referent. + + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + resourceRef: + description: Reference to the resource. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + resourceSelector: + description: 'Selector to the resource. + + This field will be ignored if ResourceRef is set.' + properties: + matchControllerRef: + description: 'MatchControllerRef ensures an object with the + same controller reference + + as the selecting object is selected.' + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + type: object + type: object + x-kubernetes-validations: + - message: either a resource reference or a resource selector should + be set. + rule: has(self.resourceRef) || has(self.resourceSelector) + reason: + description: Reason is the reason for blocking deletion of the resource. + type: string + replayDeletion: + description: ReplayDeletion will trigger a deletion on the used resource + during the deletion of the usage itself, if it was attempted to + be deleted at least once. + type: boolean + required: + - of + type: object + x-kubernetes-validations: + - message: either "spec.by" or "spec.reason" must be specified. + rule: has(self.by) || has(self.reason) + status: + description: UsageStatus defines the observed state of Usage. + properties: + conditions: + description: Conditions of the resource. + items: + description: A Condition that may apply to a resource. + properties: + lastTransitionTime: + description: 'LastTransitionTime is the last time this condition + transitioned from one + + status to another.' + format: date-time + type: string + message: + description: 'A Message containing details about this condition''s + last transition from + + one status to another, if any.' + type: string + observedGeneration: + description: 'ObservedGeneration represents the .metadata.generation + that the condition was set based upon. + + For instance, if .metadata.generation is currently 12, but + the .status.conditions[x].observedGeneration is 9, the condition + is out of date + + with respect to the current state of the instance.' + format: int64 + type: integer + reason: + description: A Reason for this condition's last transition from + one status to another. + type: string + status: + description: Status of this condition; is it currently True, + False, or Unknown? + type: string + type: + description: 'Type of this condition. At most one of each condition + type may apply to + + a resource at any point in time.' + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + categories: + - crossplane + kind: Usage + listKind: UsageList + plural: usages + singular: usage + conditions: + - lastTransitionTime: '2024-09-06T23:42:00Z' + message: no conflicts found + reason: NoConflicts + status: 'True' + type: NamesAccepted + - lastTransitionTime: '2024-09-06T23:42:00Z' + message: the initial names have been accepted + reason: InitialNamesAccepted + status: 'True' + type: Established + storedVersions: + - v1alpha1 + diff --git a/crossplane/kcl.mod.lock b/crossplane/kcl.mod.lock index 8c61a23b..e9b8686e 100644 --- a/crossplane/kcl.mod.lock +++ b/crossplane/kcl.mod.lock @@ -3,7 +3,3 @@ name = "k8s" full_name = "k8s_1.28" version = "1.28" - sum = "aTxPUVZyr9MdiB3YdiY/8pCh9sC55yURnZdGlJsKG6Q=" - reg = "ghcr.io" - repo = "kcl-lang/k8s" - oci_tag = "1.28" diff --git a/crossplane/v1/apiextensions_crossplane_io_v1_composition.k b/crossplane/v1/apiextensions_crossplane_io_v1_composition.k index 97021e50..9512bfd5 100644 --- a/crossplane/v1/apiextensions_crossplane_io_v1_composition.k +++ b/crossplane/v1/apiextensions_crossplane_io_v1_composition.k @@ -50,17 +50,20 @@ schema ApiextensionsCrossplaneIoV1CompositionSpec: Mode controls what type or "mode" of Composition will be used. - "Resources" (the default) indicates that a Composition uses what is - commonly referred to as "Patch & Transform" or P&T composition. This mode - of Composition uses an array of resources, each a template for a composed - resource. + "Pipeline" indicates that a Composition specifies a pipeline of + Composition Functions, each of which is responsible for producing + composed resources that Crossplane should create or update. - "Pipeline" indicates that a Composition specifies a pipeline - of Composition Functions, each of which is responsible for producing - composed resources that Crossplane should create or update. THE PIPELINE - MODE IS A BETA FEATURE. It is not honored if the relevant Crossplane - feature flag is disabled. + "Resources" indicates that a Composition uses what is commonly referred + to as "Patch & Transform" or P&T composition. This mode of Composition + uses an array of resources, each a template for a composed resource. + + + All Compositions should use Pipeline mode. Resources mode is deprecated. + Resources mode won't be removed in Crossplane 1.x, and will remain the + default to avoid breaking legacy Compositions. However, it's no longer + accepting new features, and only accepting security related bug fixes. patchSets : [ApiextensionsCrossplaneIoV1CompositionSpecPatchSetsItems0], default is Undefined, optional PatchSets define a named set of patches that may be included by any resource in this Composition. PatchSets cannot themselves refer to other @@ -69,6 +72,9 @@ schema ApiextensionsCrossplaneIoV1CompositionSpec: PatchSets are only used by the "Resources" mode of Composition. They are ignored by other modes. + + + Deprecated: Use Composition Functions instead. pipeline : [ApiextensionsCrossplaneIoV1CompositionSpecPipelineItems0], default is Undefined, optional Pipeline is a list of composition function steps that will be used when a composite resource referring to this composition is created. One of @@ -77,10 +83,6 @@ schema ApiextensionsCrossplaneIoV1CompositionSpec: The Pipeline is only used by the "Pipeline" mode of Composition. It is ignored by other modes. - - - THIS IS A BETA FIELD. It is not honored if the relevant Crossplane - feature flag is disabled. publishConnectionDetailsWithStoreConfigRef : ApiextensionsCrossplaneIoV1CompositionSpecPublishConnectionDetailsWithStoreConfigRef, default is Undefined, optional publish connection details with store config ref resources : [ApiextensionsCrossplaneIoV1CompositionSpecResourcesItems0], default is Undefined, optional @@ -90,6 +92,9 @@ schema ApiextensionsCrossplaneIoV1CompositionSpec: Resources are only used by the "Resources" mode of Composition. They are ignored by other modes. + + + Deprecated: Use Composition Functions instead. writeConnectionSecretsToNamespace : str, default is Undefined, optional WriteConnectionSecretsToNamespace specifies the namespace in which the connection secrets of composite resource dynamically provisioned using @@ -1221,7 +1226,7 @@ schema ApiextensionsCrossplaneIoV1CompositionSpecResourcesItems0: patches?: [ApiextensionsCrossplaneIoV1CompositionSpecResourcesItems0PatchesItems0] - readinessChecks?: [ApiextensionsCrossplaneIoV1CompositionSpecResourcesItems0ReadinessChecksItems0] = [{"matchCondition": {"status": "True", "type": "Ready"}, "type": "MatchCondition"}] + readinessChecks?: [ApiextensionsCrossplaneIoV1CompositionSpecResourcesItems0ReadinessChecksItems0] = [{"matchCondition": {"type": "Ready", "status": "True"}, "type": "MatchCondition"}] schema ApiextensionsCrossplaneIoV1CompositionSpecResourcesItems0ConnectionDetailsItems0: diff --git a/crossplane/v1/apiextensions_crossplane_io_v1_composition_revision.k b/crossplane/v1/apiextensions_crossplane_io_v1_composition_revision.k index e90119ca..b7dfc4ff 100644 --- a/crossplane/v1/apiextensions_crossplane_io_v1_composition_revision.k +++ b/crossplane/v1/apiextensions_crossplane_io_v1_composition_revision.k @@ -55,17 +55,20 @@ schema ApiextensionsCrossplaneIoV1CompositionRevisionSpec: Mode controls what type or "mode" of Composition will be used. - "Resources" (the default) indicates that a Composition uses what is - commonly referred to as "Patch & Transform" or P&T composition. This mode - of Composition uses an array of resources, each a template for a composed - resource. + "Pipeline" indicates that a Composition specifies a pipeline of + Composition Functions, each of which is responsible for producing + composed resources that Crossplane should create or update. - "Pipeline" indicates that a Composition specifies a pipeline - of Composition Functions, each of which is responsible for producing - composed resources that Crossplane should create or update. THE PIPELINE - MODE IS A BETA FEATURE. It is not honored if the relevant Crossplane - feature flag is disabled. + "Resources" indicates that a Composition uses what is commonly referred + to as "Patch & Transform" or P&T composition. This mode of Composition + uses an array of resources, each a template for a composed resource. + + + All Compositions should use Pipeline mode. Resources mode is deprecated. + Resources mode won't be removed in Crossplane 1.x, and will remain the + default to avoid breaking legacy Compositions. However, it's no longer + accepting new features, and only accepting security related bug fixes. patchSets : [ApiextensionsCrossplaneIoV1CompositionRevisionSpecPatchSetsItems0], default is Undefined, optional PatchSets define a named set of patches that may be included by any resource in this Composition. PatchSets cannot themselves refer to other @@ -74,6 +77,9 @@ schema ApiextensionsCrossplaneIoV1CompositionRevisionSpec: PatchSets are only used by the "Resources" mode of Composition. They are ignored by other modes. + + + Deprecated: Use Composition Functions instead. pipeline : [ApiextensionsCrossplaneIoV1CompositionRevisionSpecPipelineItems0], default is Undefined, optional Pipeline is a list of composition function steps that will be used when a composite resource referring to this composition is created. One of @@ -82,10 +88,6 @@ schema ApiextensionsCrossplaneIoV1CompositionRevisionSpec: The Pipeline is only used by the "Pipeline" mode of Composition. It is ignored by other modes. - - - THIS IS A BETA FIELD. It is not honored if the relevant Crossplane - feature flag is disabled. publishConnectionDetailsWithStoreConfigRef : ApiextensionsCrossplaneIoV1CompositionRevisionSpecPublishConnectionDetailsWithStoreConfigRef, default is Undefined, optional publish connection details with store config ref resources : [ApiextensionsCrossplaneIoV1CompositionRevisionSpecResourcesItems0], default is Undefined, optional @@ -95,6 +97,9 @@ schema ApiextensionsCrossplaneIoV1CompositionRevisionSpec: Resources are only used by the "Resources" mode of Composition. They are ignored by other modes. + + + Deprecated: Use Composition Functions instead. revision : int, default is Undefined, required Revision number. Newer revisions have larger numbers. writeConnectionSecretsToNamespace : str, default is Undefined, optional diff --git a/crossplane/v1/meta_pkg_crossplane_io_v1_configuration.k b/crossplane/v1/meta_pkg_crossplane_io_v1_configuration.k deleted file mode 100644 index 223d333a..00000000 --- a/crossplane/v1/meta_pkg_crossplane_io_v1_configuration.k +++ /dev/null @@ -1,91 +0,0 @@ -""" -This file was generated by the KCL auto-gen tool. DO NOT EDIT. -Editing this file might prove futile when you re-run the KCL auto-gen generate command. -""" -import k8s.apimachinery.pkg.apis.meta.v1 - - -schema MetaConfiguration: - """ - A Configuration is the description of a Crossplane Configuration package. - - Attributes - ---------- - apiVersion : str, default is "meta.pkg.crossplane.io/v1", required - APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - kind : str, default is "Configuration", required - Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - metadata : v1.ObjectMeta, default is Undefined, optional - metadata - spec : MetaPkgCrossplaneIoV1ConfigurationSpec, default is Undefined, required - spec - """ - - - apiVersion: "meta.pkg.crossplane.io/v1" = "meta.pkg.crossplane.io/v1" - - kind: "Configuration" = "Configuration" - - metadata?: v1.ObjectMeta - - spec: MetaPkgCrossplaneIoV1ConfigurationSpec - - -schema MetaPkgCrossplaneIoV1ConfigurationSpec: - """ - ConfigurationSpec specifies the configuration of a Configuration. - - Attributes - ---------- - crossplane : MetaPkgCrossplaneIoV1ConfigurationSpecCrossplane, default is Undefined, optional - crossplane - dependsOn : [MetaPkgCrossplaneIoV1ConfigurationSpecDependsOnItems0], default is Undefined, optional - Dependencies on other packages. - """ - - - crossplane?: MetaPkgCrossplaneIoV1ConfigurationSpecCrossplane - - dependsOn?: [MetaPkgCrossplaneIoV1ConfigurationSpecDependsOnItems0] - - -schema MetaPkgCrossplaneIoV1ConfigurationSpecCrossplane: - """ - Semantic version constraints of Crossplane that package is compatible with. - - Attributes - ---------- - version : str, default is Undefined, required - Semantic version constraints of Crossplane that package is compatible with. - """ - - - version: str - - -schema MetaPkgCrossplaneIoV1ConfigurationSpecDependsOnItems0: - """ - Dependency is a dependency on another package. One of Provider or Configuration may be supplied. - - Attributes - ---------- - configuration : str, default is Undefined, optional - Configuration is the name of a Configuration package image. - function : str, default is Undefined, optional - Function is the name of a Function package image. - provider : str, default is Undefined, optional - Provider is the name of a Provider package image. - version : str, default is Undefined, required - Version is the semantic version constraints of the dependency image. - """ - - - configuration?: str - - function?: str - - provider?: str - - version: str - - diff --git a/crossplane/v1/meta_pkg_crossplane_io_v1_provider.k b/crossplane/v1/meta_pkg_crossplane_io_v1_provider.k deleted file mode 100644 index ae4a6690..00000000 --- a/crossplane/v1/meta_pkg_crossplane_io_v1_provider.k +++ /dev/null @@ -1,149 +0,0 @@ -""" -This file was generated by the KCL auto-gen tool. DO NOT EDIT. -Editing this file might prove futile when you re-run the KCL auto-gen generate command. -""" -import k8s.apimachinery.pkg.apis.meta.v1 - - -schema MetaProvider: - """ - A Provider is the description of a Crossplane Provider package. - - Attributes - ---------- - apiVersion : str, default is "meta.pkg.crossplane.io/v1", required - APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - kind : str, default is "Provider", required - Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - metadata : v1.ObjectMeta, default is Undefined, optional - metadata - spec : MetaPkgCrossplaneIoV1ProviderSpec, default is Undefined, required - spec - """ - - - apiVersion: "meta.pkg.crossplane.io/v1" = "meta.pkg.crossplane.io/v1" - - kind: "Provider" = "Provider" - - metadata?: v1.ObjectMeta - - spec: MetaPkgCrossplaneIoV1ProviderSpec - - -schema MetaPkgCrossplaneIoV1ProviderSpec: - """ - ProviderSpec specifies the configuration of a Provider. - - Attributes - ---------- - controller : MetaPkgCrossplaneIoV1ProviderSpecController, default is Undefined, required - controller - crossplane : MetaPkgCrossplaneIoV1ProviderSpecCrossplane, default is Undefined, optional - crossplane - dependsOn : [MetaPkgCrossplaneIoV1ProviderSpecDependsOnItems0], default is Undefined, optional - Dependencies on other packages. - """ - - - controller: MetaPkgCrossplaneIoV1ProviderSpecController - - crossplane?: MetaPkgCrossplaneIoV1ProviderSpecCrossplane - - dependsOn?: [MetaPkgCrossplaneIoV1ProviderSpecDependsOnItems0] - - -schema MetaPkgCrossplaneIoV1ProviderSpecController: - """ - Configuration for the packaged Provider's controller. - - Attributes - ---------- - image : str, default is Undefined, optional - Image is the packaged Provider controller image. - permissionRequests : [MetaPkgCrossplaneIoV1ProviderSpecControllerPermissionRequestsItems0], default is Undefined, optional - PermissionRequests for RBAC rules required for this provider's controller - to function. The RBAC manager is responsible for assessing the requested - permissions. - """ - - - image?: str - - permissionRequests?: [MetaPkgCrossplaneIoV1ProviderSpecControllerPermissionRequestsItems0] - - -schema MetaPkgCrossplaneIoV1ProviderSpecControllerPermissionRequestsItems0: - """ - PolicyRule holds information that describes a policy rule, but does not contain information - about who the rule applies to or which namespace the rule applies to. - - Attributes - ---------- - apiGroups : [str], default is Undefined, optional - APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of - the enumerated resources in any API group will be allowed. "" represents the core API group and "*" represents all API groups. - nonResourceURLs : [str], default is Undefined, optional - NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path - Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding. - Rules can either apply to API resources (such as "pods" or "secrets") or non-resource URL paths (such as "/api"), but not both. - resourceNames : [str], default is Undefined, optional - ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed. - resources : [str], default is Undefined, optional - Resources is a list of resources this rule applies to. '*' represents all resources. - verbs : [str], default is Undefined, required - Verbs is a list of Verbs that apply to ALL the ResourceKinds contained in this rule. '*' represents all verbs. - """ - - - apiGroups?: [str] - - nonResourceURLs?: [str] - - resourceNames?: [str] - - resources?: [str] - - verbs: [str] - - -schema MetaPkgCrossplaneIoV1ProviderSpecCrossplane: - """ - Semantic version constraints of Crossplane that package is compatible with. - - Attributes - ---------- - version : str, default is Undefined, required - Semantic version constraints of Crossplane that package is compatible with. - """ - - - version: str - - -schema MetaPkgCrossplaneIoV1ProviderSpecDependsOnItems0: - """ - Dependency is a dependency on another package. One of Provider or Configuration may be supplied. - - Attributes - ---------- - configuration : str, default is Undefined, optional - Configuration is the name of a Configuration package image. - function : str, default is Undefined, optional - Function is the name of a Function package image. - provider : str, default is Undefined, optional - Provider is the name of a Provider package image. - version : str, default is Undefined, required - Version is the semantic version constraints of the dependency image. - """ - - - configuration?: str - - function?: str - - provider?: str - - version: str - - diff --git a/crossplane/v1beta1/pkg_crossplane_io_v1beta1_function.k b/crossplane/v1/pkg_crossplane_io_v1_function.k similarity index 82% rename from crossplane/v1beta1/pkg_crossplane_io_v1beta1_function.k rename to crossplane/v1/pkg_crossplane_io_v1_function.k index d0ae4c1b..9a3d6d9b 100644 --- a/crossplane/v1beta1/pkg_crossplane_io_v1beta1_function.k +++ b/crossplane/v1/pkg_crossplane_io_v1_function.k @@ -16,31 +16,31 @@ schema Function: Attributes ---------- - apiVersion : str, default is "pkg.crossplane.io/v1beta1", required + apiVersion : str, default is "pkg.crossplane.io/v1", required APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources kind : str, default is "Function", required Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds metadata : v1.ObjectMeta, default is Undefined, optional metadata - spec : PkgCrossplaneIoV1beta1FunctionSpec, default is Undefined, optional + spec : PkgCrossplaneIoV1FunctionSpec, default is Undefined, optional spec - status : PkgCrossplaneIoV1beta1FunctionStatus, default is Undefined, optional + status : PkgCrossplaneIoV1FunctionStatus, default is Undefined, optional status """ - apiVersion: "pkg.crossplane.io/v1beta1" = "pkg.crossplane.io/v1beta1" + apiVersion: "pkg.crossplane.io/v1" = "pkg.crossplane.io/v1" kind: "Function" = "Function" metadata?: v1.ObjectMeta - spec?: PkgCrossplaneIoV1beta1FunctionSpec + spec?: PkgCrossplaneIoV1FunctionSpec - status?: PkgCrossplaneIoV1beta1FunctionStatus + status?: PkgCrossplaneIoV1FunctionStatus -schema PkgCrossplaneIoV1beta1FunctionSpec: +schema PkgCrossplaneIoV1FunctionSpec: r""" FunctionSpec specifies the configuration of a Function. @@ -51,7 +51,7 @@ schema PkgCrossplaneIoV1beta1FunctionSpec: (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ - controllerConfigRef : PkgCrossplaneIoV1beta1FunctionSpecControllerConfigRef, default is Undefined, optional + controllerConfigRef : PkgCrossplaneIoV1FunctionSpecControllerConfigRef, default is Undefined, optional controller config ref ignoreCrossplaneConstraints : bool, default is Undefined, optional IgnoreCrossplaneConstraints indicates to the package manager whether to @@ -62,7 +62,7 @@ schema PkgCrossplaneIoV1beta1FunctionSpec: packagePullPolicy : str, default is "IfNotPresent", optional PackagePullPolicy defines the pull policy for the package. Default is IfNotPresent. - packagePullSecrets : [PkgCrossplaneIoV1beta1FunctionSpecPackagePullSecretsItems0], default is Undefined, optional + packagePullSecrets : [PkgCrossplaneIoV1FunctionSpecPackagePullSecretsItems0], default is Undefined, optional PackagePullSecrets are named secrets in the same namespace that can be used to fetch packages from private registries. revisionActivationPolicy : str, default is "Automatic", optional @@ -73,7 +73,7 @@ schema PkgCrossplaneIoV1beta1FunctionSpec: RevisionHistoryLimit dictates how the package controller cleans up old inactive package revisions. Defaults to 1. Can be disabled by explicitly setting to 0. - runtimeConfigRef : PkgCrossplaneIoV1beta1FunctionSpecRuntimeConfigRef, default is Undefined, optional + runtimeConfigRef : PkgCrossplaneIoV1FunctionSpecRuntimeConfigRef, default is Undefined, optional runtime config ref skipDependencyResolution : bool, default is Undefined, optional SkipDependencyResolution indicates to the package manager whether to skip @@ -85,7 +85,7 @@ schema PkgCrossplaneIoV1beta1FunctionSpec: commonLabels?: {str:str} - controllerConfigRef?: PkgCrossplaneIoV1beta1FunctionSpecControllerConfigRef + controllerConfigRef?: PkgCrossplaneIoV1FunctionSpecControllerConfigRef ignoreCrossplaneConstraints?: bool = False @@ -93,18 +93,18 @@ schema PkgCrossplaneIoV1beta1FunctionSpec: packagePullPolicy?: str = "IfNotPresent" - packagePullSecrets?: [PkgCrossplaneIoV1beta1FunctionSpecPackagePullSecretsItems0] + packagePullSecrets?: [PkgCrossplaneIoV1FunctionSpecPackagePullSecretsItems0] revisionActivationPolicy?: str = "Automatic" revisionHistoryLimit?: int = 1 - runtimeConfigRef?: PkgCrossplaneIoV1beta1FunctionSpecRuntimeConfigRef + runtimeConfigRef?: PkgCrossplaneIoV1FunctionSpecRuntimeConfigRef skipDependencyResolution?: bool = False -schema PkgCrossplaneIoV1beta1FunctionSpecControllerConfigRef: +schema PkgCrossplaneIoV1FunctionSpecControllerConfigRef: r""" ControllerConfigRef references a ControllerConfig resource that will be used to configure the packaged controller Deployment. @@ -120,7 +120,7 @@ schema PkgCrossplaneIoV1beta1FunctionSpecControllerConfigRef: name: str -schema PkgCrossplaneIoV1beta1FunctionSpecPackagePullSecretsItems0: +schema PkgCrossplaneIoV1FunctionSpecPackagePullSecretsItems0: r""" LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. @@ -137,7 +137,7 @@ schema PkgCrossplaneIoV1beta1FunctionSpecPackagePullSecretsItems0: name?: str -schema PkgCrossplaneIoV1beta1FunctionSpecRuntimeConfigRef: +schema PkgCrossplaneIoV1FunctionSpecRuntimeConfigRef: r""" RuntimeConfigRef references a RuntimeConfig resource that will be used to configure the package runtime. @@ -160,13 +160,13 @@ schema PkgCrossplaneIoV1beta1FunctionSpecRuntimeConfigRef: name: str -schema PkgCrossplaneIoV1beta1FunctionStatus: +schema PkgCrossplaneIoV1FunctionStatus: r""" FunctionStatus represents the observed state of a Function. Attributes ---------- - conditions : [PkgCrossplaneIoV1beta1FunctionStatusConditionsItems0], default is Undefined, optional + conditions : [PkgCrossplaneIoV1FunctionStatusConditionsItems0], default is Undefined, optional Conditions of the resource. currentIdentifier : str, default is Undefined, optional CurrentIdentifier is the most recent package source that was used to @@ -182,14 +182,14 @@ schema PkgCrossplaneIoV1beta1FunctionStatus: """ - conditions?: [PkgCrossplaneIoV1beta1FunctionStatusConditionsItems0] + conditions?: [PkgCrossplaneIoV1FunctionStatusConditionsItems0] currentIdentifier?: str currentRevision?: str -schema PkgCrossplaneIoV1beta1FunctionStatusConditionsItems0: +schema PkgCrossplaneIoV1FunctionStatusConditionsItems0: r""" A Condition that may apply to a resource. diff --git a/crossplane/v1beta1/pkg_crossplane_io_v1beta1_function_revision.k b/crossplane/v1/pkg_crossplane_io_v1_function_revision.k similarity index 81% rename from crossplane/v1beta1/pkg_crossplane_io_v1beta1_function_revision.k rename to crossplane/v1/pkg_crossplane_io_v1_function_revision.k index 23ff0d47..d0abdb7b 100644 --- a/crossplane/v1beta1/pkg_crossplane_io_v1beta1_function_revision.k +++ b/crossplane/v1/pkg_crossplane_io_v1_function_revision.k @@ -16,31 +16,31 @@ schema FunctionRevision: Attributes ---------- - apiVersion : str, default is "pkg.crossplane.io/v1beta1", required + apiVersion : str, default is "pkg.crossplane.io/v1", required APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources kind : str, default is "FunctionRevision", required Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds metadata : v1.ObjectMeta, default is Undefined, optional metadata - spec : PkgCrossplaneIoV1beta1FunctionRevisionSpec, default is Undefined, optional + spec : PkgCrossplaneIoV1FunctionRevisionSpec, default is Undefined, optional spec - status : PkgCrossplaneIoV1beta1FunctionRevisionStatus, default is Undefined, optional + status : PkgCrossplaneIoV1FunctionRevisionStatus, default is Undefined, optional status """ - apiVersion: "pkg.crossplane.io/v1beta1" = "pkg.crossplane.io/v1beta1" + apiVersion: "pkg.crossplane.io/v1" = "pkg.crossplane.io/v1" kind: "FunctionRevision" = "FunctionRevision" metadata?: v1.ObjectMeta - spec?: PkgCrossplaneIoV1beta1FunctionRevisionSpec + spec?: PkgCrossplaneIoV1FunctionRevisionSpec - status?: PkgCrossplaneIoV1beta1FunctionRevisionStatus + status?: PkgCrossplaneIoV1FunctionRevisionStatus -schema PkgCrossplaneIoV1beta1FunctionRevisionSpec: +schema PkgCrossplaneIoV1FunctionRevisionSpec: r""" FunctionRevisionSpec specifies configuration for a FunctionRevision. @@ -51,7 +51,7 @@ schema PkgCrossplaneIoV1beta1FunctionRevisionSpec: (scope and select) objects. May match selectors of replication controllers and services. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ - controllerConfigRef : PkgCrossplaneIoV1beta1FunctionRevisionSpecControllerConfigRef, default is Undefined, optional + controllerConfigRef : PkgCrossplaneIoV1FunctionRevisionSpecControllerConfigRef, default is Undefined, optional controller config ref desiredState : str, default is Undefined, required DesiredState of the PackageRevision. Can be either Active or Inactive. @@ -66,14 +66,14 @@ schema PkgCrossplaneIoV1beta1FunctionRevisionSpec: applied to any images pulled for the package, such as a provider's controller image. Default is IfNotPresent. - packagePullSecrets : [PkgCrossplaneIoV1beta1FunctionRevisionSpecPackagePullSecretsItems0], default is Undefined, optional + packagePullSecrets : [PkgCrossplaneIoV1FunctionRevisionSpecPackagePullSecretsItems0], default is Undefined, optional PackagePullSecrets are named secrets in the same namespace that can be used to fetch packages from private registries. They are also applied to any images pulled for the package, such as a provider's controller image. revision : int, default is Undefined, required Revision number. Indicates when the revision will be garbage collected based on the parent's RevisionHistoryLimit. - runtimeConfigRef : PkgCrossplaneIoV1beta1FunctionRevisionSpecRuntimeConfigRef, default is Undefined, optional + runtimeConfigRef : PkgCrossplaneIoV1FunctionRevisionSpecRuntimeConfigRef, default is Undefined, optional runtime config ref skipDependencyResolution : bool, default is Undefined, optional SkipDependencyResolution indicates to the package manager whether to skip @@ -91,7 +91,7 @@ schema PkgCrossplaneIoV1beta1FunctionRevisionSpec: commonLabels?: {str:str} - controllerConfigRef?: PkgCrossplaneIoV1beta1FunctionRevisionSpecControllerConfigRef + controllerConfigRef?: PkgCrossplaneIoV1FunctionRevisionSpecControllerConfigRef desiredState: str @@ -101,11 +101,11 @@ schema PkgCrossplaneIoV1beta1FunctionRevisionSpec: packagePullPolicy?: str = "IfNotPresent" - packagePullSecrets?: [PkgCrossplaneIoV1beta1FunctionRevisionSpecPackagePullSecretsItems0] + packagePullSecrets?: [PkgCrossplaneIoV1FunctionRevisionSpecPackagePullSecretsItems0] revision: int - runtimeConfigRef?: PkgCrossplaneIoV1beta1FunctionRevisionSpecRuntimeConfigRef + runtimeConfigRef?: PkgCrossplaneIoV1FunctionRevisionSpecRuntimeConfigRef skipDependencyResolution?: bool = False @@ -114,7 +114,7 @@ schema PkgCrossplaneIoV1beta1FunctionRevisionSpec: tlsServerSecretName?: str -schema PkgCrossplaneIoV1beta1FunctionRevisionSpecControllerConfigRef: +schema PkgCrossplaneIoV1FunctionRevisionSpecControllerConfigRef: r""" ControllerConfigRef references a ControllerConfig resource that will be used to configure the packaged controller Deployment. @@ -130,7 +130,7 @@ schema PkgCrossplaneIoV1beta1FunctionRevisionSpecControllerConfigRef: name: str -schema PkgCrossplaneIoV1beta1FunctionRevisionSpecPackagePullSecretsItems0: +schema PkgCrossplaneIoV1FunctionRevisionSpecPackagePullSecretsItems0: r""" LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. @@ -147,7 +147,7 @@ schema PkgCrossplaneIoV1beta1FunctionRevisionSpecPackagePullSecretsItems0: name?: str -schema PkgCrossplaneIoV1beta1FunctionRevisionSpecRuntimeConfigRef: +schema PkgCrossplaneIoV1FunctionRevisionSpecRuntimeConfigRef: r""" RuntimeConfigRef references a RuntimeConfig resource that will be used to configure the package runtime. @@ -170,13 +170,13 @@ schema PkgCrossplaneIoV1beta1FunctionRevisionSpecRuntimeConfigRef: name: str -schema PkgCrossplaneIoV1beta1FunctionRevisionStatus: +schema PkgCrossplaneIoV1FunctionRevisionStatus: r""" FunctionRevisionStatus represents the observed state of a FunctionRevision. Attributes ---------- - conditions : [PkgCrossplaneIoV1beta1FunctionRevisionStatusConditionsItems0], default is Undefined, optional + conditions : [PkgCrossplaneIoV1FunctionRevisionStatusConditionsItems0], default is Undefined, optional Conditions of the resource. endpoint : str, default is Undefined, optional Endpoint is the gRPC endpoint where Crossplane will send @@ -187,16 +187,16 @@ schema PkgCrossplaneIoV1beta1FunctionRevisionStatus: installed dependencies invalidDependencies : int, default is Undefined, optional invalid dependencies - objectRefs : [PkgCrossplaneIoV1beta1FunctionRevisionStatusObjectRefsItems0], default is Undefined, optional + objectRefs : [PkgCrossplaneIoV1FunctionRevisionStatusObjectRefsItems0], default is Undefined, optional References to objects owned by PackageRevision. - permissionRequests : [PkgCrossplaneIoV1beta1FunctionRevisionStatusPermissionRequestsItems0], default is Undefined, optional + permissionRequests : [PkgCrossplaneIoV1FunctionRevisionStatusPermissionRequestsItems0], default is Undefined, optional PermissionRequests made by this package. The package declares that its controller needs these permissions to run. The RBAC manager is responsible for granting them. """ - conditions?: [PkgCrossplaneIoV1beta1FunctionRevisionStatusConditionsItems0] + conditions?: [PkgCrossplaneIoV1FunctionRevisionStatusConditionsItems0] endpoint?: str @@ -206,12 +206,12 @@ schema PkgCrossplaneIoV1beta1FunctionRevisionStatus: invalidDependencies?: int - objectRefs?: [PkgCrossplaneIoV1beta1FunctionRevisionStatusObjectRefsItems0] + objectRefs?: [PkgCrossplaneIoV1FunctionRevisionStatusObjectRefsItems0] - permissionRequests?: [PkgCrossplaneIoV1beta1FunctionRevisionStatusPermissionRequestsItems0] + permissionRequests?: [PkgCrossplaneIoV1FunctionRevisionStatusPermissionRequestsItems0] -schema PkgCrossplaneIoV1beta1FunctionRevisionStatusConditionsItems0: +schema PkgCrossplaneIoV1FunctionRevisionStatusConditionsItems0: r""" A Condition that may apply to a resource. @@ -250,7 +250,7 @@ schema PkgCrossplaneIoV1beta1FunctionRevisionStatusConditionsItems0: $type: str -schema PkgCrossplaneIoV1beta1FunctionRevisionStatusObjectRefsItems0: +schema PkgCrossplaneIoV1FunctionRevisionStatusObjectRefsItems0: r""" A TypedReference refers to an object by Name, Kind, and APIVersion. It is commonly used to reference cluster-scoped objects or objects where the @@ -278,7 +278,7 @@ schema PkgCrossplaneIoV1beta1FunctionRevisionStatusObjectRefsItems0: uid?: str -schema PkgCrossplaneIoV1beta1FunctionRevisionStatusPermissionRequestsItems0: +schema PkgCrossplaneIoV1FunctionRevisionStatusPermissionRequestsItems0: r""" PolicyRule holds information that describes a policy rule, but does not contain information about who the rule applies to or which namespace the rule applies to. diff --git a/crossplane/v1alpha1/helm_crossplane_io_v1alpha1_provider_config.k b/crossplane/v1alpha1/helm_crossplane_io_v1alpha1_provider_config.k deleted file mode 100644 index 4f2ea612..00000000 --- a/crossplane/v1alpha1/helm_crossplane_io_v1alpha1_provider_config.k +++ /dev/null @@ -1,277 +0,0 @@ -""" -This file was generated by the KCL auto-gen tool. DO NOT EDIT. -Editing this file might prove futile when you re-run the KCL auto-gen generate command. -""" -import k8s.apimachinery.pkg.apis.meta.v1 - - -schema ProviderConfig: - r""" - A ProviderConfig configures a Helm 'provider', i.e. a connection to a particular - - Attributes - ---------- - apiVersion : str, default is "helm.crossplane.io/v1alpha1", required - APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - kind : str, default is "ProviderConfig", required - Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - metadata : v1.ObjectMeta, default is Undefined, optional - metadata - spec : HelmCrossplaneIoV1alpha1ProviderConfigSpec, default is Undefined, required - spec - status : HelmCrossplaneIoV1alpha1ProviderConfigStatus, default is Undefined, optional - status - """ - - - apiVersion: "helm.crossplane.io/v1alpha1" = "helm.crossplane.io/v1alpha1" - - kind: "ProviderConfig" = "ProviderConfig" - - metadata?: v1.ObjectMeta - - spec: HelmCrossplaneIoV1alpha1ProviderConfigSpec - - status?: HelmCrossplaneIoV1alpha1ProviderConfigStatus - - -schema HelmCrossplaneIoV1alpha1ProviderConfigSpec: - r""" - A ProviderConfigSpec defines the desired state of a Provider. - - Attributes - ---------- - credentials : HelmCrossplaneIoV1alpha1ProviderConfigSpecCredentials, default is Undefined, required - credentials - identity : HelmCrossplaneIoV1alpha1ProviderConfigSpecIdentity, default is Undefined, optional - identity - """ - - - credentials: HelmCrossplaneIoV1alpha1ProviderConfigSpecCredentials - - identity?: HelmCrossplaneIoV1alpha1ProviderConfigSpecIdentity - - -schema HelmCrossplaneIoV1alpha1ProviderConfigSpecCredentials: - r""" - Credentials used to connect to the Kubernetes API. Typically a - kubeconfig file. Use InjectedIdentity for in-cluster config. - - Attributes - ---------- - env : HelmCrossplaneIoV1alpha1ProviderConfigSpecCredentialsEnv, default is Undefined, optional - env - fs : HelmCrossplaneIoV1alpha1ProviderConfigSpecCredentialsFs, default is Undefined, optional - fs - secretRef : HelmCrossplaneIoV1alpha1ProviderConfigSpecCredentialsSecretRef, default is Undefined, optional - secret ref - source : str, default is Undefined, required - Source of the provider credentials. - """ - - - env?: HelmCrossplaneIoV1alpha1ProviderConfigSpecCredentialsEnv - - fs?: HelmCrossplaneIoV1alpha1ProviderConfigSpecCredentialsFs - - secretRef?: HelmCrossplaneIoV1alpha1ProviderConfigSpecCredentialsSecretRef - - source: "None" | "Secret" | "InjectedIdentity" | "Environment" | "Filesystem" - - -schema HelmCrossplaneIoV1alpha1ProviderConfigSpecCredentialsEnv: - r""" - Env is a reference to an environment variable that contains credentials - that must be used to connect to the provider. - - Attributes - ---------- - name : str, default is Undefined, required - Name is the name of an environment variable. - """ - - - name: str - - -schema HelmCrossplaneIoV1alpha1ProviderConfigSpecCredentialsFs: - r""" - Fs is a reference to a filesystem location that contains credentials that - must be used to connect to the provider. - - Attributes - ---------- - path : str, default is Undefined, required - Path is a filesystem path. - """ - - - path: str - - -schema HelmCrossplaneIoV1alpha1ProviderConfigSpecCredentialsSecretRef: - r""" - A SecretRef is a reference to a secret key that contains the credentials - that must be used to connect to the provider. - - Attributes - ---------- - key : str, default is Undefined, required - The key to select. - name : str, default is Undefined, required - Name of the secret. - namespace : str, default is Undefined, required - Namespace of the secret. - """ - - - key: str - - name: str - - namespace: str - - -schema HelmCrossplaneIoV1alpha1ProviderConfigSpecIdentity: - r""" - Identity used to authenticate to the Kubernetes API. The identity - credentials can be used to supplement kubeconfig 'credentials', for - example by configuring a bearer token source such as OAuth. - - Attributes - ---------- - env : HelmCrossplaneIoV1alpha1ProviderConfigSpecIdentityEnv, default is Undefined, optional - env - fs : HelmCrossplaneIoV1alpha1ProviderConfigSpecIdentityFs, default is Undefined, optional - fs - secretRef : HelmCrossplaneIoV1alpha1ProviderConfigSpecIdentitySecretRef, default is Undefined, optional - secret ref - source : str, default is Undefined, required - Source of the provider credentials. - $type : str, default is Undefined, required - Type of identity. - """ - - - env?: HelmCrossplaneIoV1alpha1ProviderConfigSpecIdentityEnv - - fs?: HelmCrossplaneIoV1alpha1ProviderConfigSpecIdentityFs - - secretRef?: HelmCrossplaneIoV1alpha1ProviderConfigSpecIdentitySecretRef - - source: "None" | "Secret" | "InjectedIdentity" | "Environment" | "Filesystem" - - $type: "GoogleApplicationCredentials" - - -schema HelmCrossplaneIoV1alpha1ProviderConfigSpecIdentityEnv: - r""" - Env is a reference to an environment variable that contains credentials - that must be used to connect to the provider. - - Attributes - ---------- - name : str, default is Undefined, required - Name is the name of an environment variable. - """ - - - name: str - - -schema HelmCrossplaneIoV1alpha1ProviderConfigSpecIdentityFs: - r""" - Fs is a reference to a filesystem location that contains credentials that - must be used to connect to the provider. - - Attributes - ---------- - path : str, default is Undefined, required - Path is a filesystem path. - """ - - - path: str - - -schema HelmCrossplaneIoV1alpha1ProviderConfigSpecIdentitySecretRef: - r""" - A SecretRef is a reference to a secret key that contains the credentials - that must be used to connect to the provider. - - Attributes - ---------- - key : str, default is Undefined, required - The key to select. - name : str, default is Undefined, required - Name of the secret. - namespace : str, default is Undefined, required - Namespace of the secret. - """ - - - key: str - - name: str - - namespace: str - - -schema HelmCrossplaneIoV1alpha1ProviderConfigStatus: - r""" - A ProviderConfigStatus defines the status of a Provider. - - Attributes - ---------- - conditions : [HelmCrossplaneIoV1alpha1ProviderConfigStatusConditionsItems0], default is Undefined, optional - Conditions of the resource. - users : int, default is Undefined, optional - Users of this provider configuration. - """ - - - conditions?: [HelmCrossplaneIoV1alpha1ProviderConfigStatusConditionsItems0] - - users?: int - - -schema HelmCrossplaneIoV1alpha1ProviderConfigStatusConditionsItems0: - r""" - A Condition that may apply to a resource. - - Attributes - ---------- - lastTransitionTime : str, default is Undefined, required - LastTransitionTime is the last time this condition transitioned from one - status to another. - message : str, default is Undefined, optional - A Message containing details about this condition's last transition from - one status to another, if any. - observedGeneration : int, default is Undefined, optional - ObservedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - reason : str, default is Undefined, required - A Reason for this condition's last transition from one status to another. - status : str, default is Undefined, required - Status of this condition; is it currently True, False, or Unknown? - $type : str, default is Undefined, required - Type of this condition. At most one of each condition type may apply to - a resource at any point in time. - """ - - - lastTransitionTime: str - - message?: str - - observedGeneration?: int - - reason: str - - status: str - - $type: str - - diff --git a/crossplane/v1alpha1/helm_crossplane_io_v1alpha1_provider_config_usage.k b/crossplane/v1alpha1/helm_crossplane_io_v1alpha1_provider_config_usage.k deleted file mode 100644 index 19fcf805..00000000 --- a/crossplane/v1alpha1/helm_crossplane_io_v1alpha1_provider_config_usage.k +++ /dev/null @@ -1,105 +0,0 @@ -""" -This file was generated by the KCL auto-gen tool. DO NOT EDIT. -Editing this file might prove futile when you re-run the KCL auto-gen generate command. -""" -import k8s.apimachinery.pkg.apis.meta.v1 - - -schema ProviderConfigUsage: - r""" - A ProviderConfigUsage indicates that a resource is using a ProviderConfig. - - Attributes - ---------- - apiVersion : str, default is "helm.crossplane.io/v1alpha1", required - APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - kind : str, default is "ProviderConfigUsage", required - Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - metadata : v1.ObjectMeta, default is Undefined, optional - metadata - providerConfigRef : HelmCrossplaneIoV1alpha1ProviderConfigUsageProviderConfigRef, default is Undefined, required - provider config ref - resourceRef : HelmCrossplaneIoV1alpha1ProviderConfigUsageResourceRef, default is Undefined, required - resource ref - """ - - - apiVersion: "helm.crossplane.io/v1alpha1" = "helm.crossplane.io/v1alpha1" - - kind: "ProviderConfigUsage" = "ProviderConfigUsage" - - metadata?: v1.ObjectMeta - - providerConfigRef: HelmCrossplaneIoV1alpha1ProviderConfigUsageProviderConfigRef - - resourceRef: HelmCrossplaneIoV1alpha1ProviderConfigUsageResourceRef - - -schema HelmCrossplaneIoV1alpha1ProviderConfigUsageProviderConfigRef: - r""" - ProviderConfigReference to the provider config being used. - - Attributes - ---------- - name : str, default is Undefined, required - Name of the referenced object. - policy : HelmCrossplaneIoV1alpha1ProviderConfigUsageProviderConfigRefPolicy, default is Undefined, optional - policy - """ - - - name: str - - policy?: HelmCrossplaneIoV1alpha1ProviderConfigUsageProviderConfigRefPolicy - - -schema HelmCrossplaneIoV1alpha1ProviderConfigUsageProviderConfigRefPolicy: - r""" - Policies for referencing. - - Attributes - ---------- - resolution : str, default is "Required", optional - Resolution specifies whether resolution of this reference is required. - The default is 'Required', which means the reconcile will fail if the - reference cannot be resolved. 'Optional' means this reference will be - a no-op if it cannot be resolved. - resolve : str, default is Undefined, optional - Resolve specifies when this reference should be resolved. The default - is 'IfNotPresent', which will attempt to resolve the reference only when - the corresponding field is not present. Use 'Always' to resolve the - reference on every reconcile. - """ - - - resolution?: "Required" | "Optional" = "Required" - - resolve?: "Always" | "IfNotPresent" - - -schema HelmCrossplaneIoV1alpha1ProviderConfigUsageResourceRef: - r""" - ResourceReference to the managed resource using the provider config. - - Attributes - ---------- - apiVersion : str, default is Undefined, required - APIVersion of the referenced object. - kind : str, default is Undefined, required - Kind of the referenced object. - name : str, default is Undefined, required - Name of the referenced object. - uid : str, default is Undefined, optional - UID of the referenced object. - """ - - - apiVersion: str - - kind: str - - name: str - - uid?: str - - diff --git a/crossplane/v1alpha1/helm_crossplane_io_v1alpha1_release.k b/crossplane/v1alpha1/helm_crossplane_io_v1alpha1_release.k deleted file mode 100644 index fed91c1f..00000000 --- a/crossplane/v1alpha1/helm_crossplane_io_v1alpha1_release.k +++ /dev/null @@ -1,666 +0,0 @@ -""" -This file was generated by the KCL auto-gen tool. DO NOT EDIT. -Editing this file might prove futile when you re-run the KCL auto-gen generate command. -""" -import k8s.apimachinery.pkg.apis.meta.v1 - - -schema Release: - r""" - A Release is an example API type - - Attributes - ---------- - apiVersion : str, default is "helm.crossplane.io/v1alpha1", required - APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - kind : str, default is "Release", required - Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - metadata : v1.ObjectMeta, default is Undefined, optional - metadata - spec : HelmCrossplaneIoV1alpha1ReleaseSpec, default is Undefined, required - spec - status : HelmCrossplaneIoV1alpha1ReleaseStatus, default is Undefined, optional - status - """ - - - apiVersion: "helm.crossplane.io/v1alpha1" = "helm.crossplane.io/v1alpha1" - - kind: "Release" = "Release" - - metadata?: v1.ObjectMeta - - spec: HelmCrossplaneIoV1alpha1ReleaseSpec - - status?: HelmCrossplaneIoV1alpha1ReleaseStatus - - -schema HelmCrossplaneIoV1alpha1ReleaseSpec: - r""" - A ReleaseSpec defines the desired state of a Release. - - Attributes - ---------- - deletionPolicy : str, default is "Delete", optional - DeletionPolicy specifies what will happen to the underlying external - when this managed resource is deleted - either "Delete" or "Orphan" the - external resource. - This field is planned to be deprecated in favor of the ManagementPolicies - field in a future release. Currently, both could be set independently and - non-default values would be honored if the feature flag is enabled. - See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 - forProvider : HelmCrossplaneIoV1alpha1ReleaseSpecForProvider, default is Undefined, required - for provider - managementPolicies : [str], default is ["*"], optional - THIS IS A BETA FIELD. It is on by default but can be opted out - through a Crossplane feature flag. - ManagementPolicies specify the array of actions Crossplane is allowed to - take on the managed and external resources. - This field is planned to replace the DeletionPolicy field in a future - release. Currently, both could be set independently and non-default - values would be honored if the feature flag is enabled. If both are - custom, the DeletionPolicy field will be ignored. - See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 - and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md - providerConfigRef : HelmCrossplaneIoV1alpha1ReleaseSpecProviderConfigRef, default is Undefined, optional - provider config ref - publishConnectionDetailsTo : HelmCrossplaneIoV1alpha1ReleaseSpecPublishConnectionDetailsTo, default is Undefined, optional - publish connection details to - rollbackLimit : int, default is Undefined, optional - RollbackRetriesLimit is max number of attempts to retry Helm deployment by rolling back the release. - writeConnectionSecretToRef : HelmCrossplaneIoV1alpha1ReleaseSpecWriteConnectionSecretToRef, default is Undefined, optional - write connection secret to ref - """ - - - deletionPolicy?: "Orphan" | "Delete" = "Delete" - - forProvider: HelmCrossplaneIoV1alpha1ReleaseSpecForProvider - - managementPolicies?: [str] = ["*"] - - providerConfigRef?: HelmCrossplaneIoV1alpha1ReleaseSpecProviderConfigRef - - publishConnectionDetailsTo?: HelmCrossplaneIoV1alpha1ReleaseSpecPublishConnectionDetailsTo - - rollbackLimit?: int - - writeConnectionSecretToRef?: HelmCrossplaneIoV1alpha1ReleaseSpecWriteConnectionSecretToRef - - -schema HelmCrossplaneIoV1alpha1ReleaseSpecForProvider: - r""" - ReleaseParameters are the configurable fields of a Release. - - Attributes - ---------- - chart : HelmCrossplaneIoV1alpha1ReleaseSpecForProviderChart, default is Undefined, required - chart - namespace : str, default is Undefined, required - namespace - patchesFrom : [HelmCrossplaneIoV1alpha1ReleaseSpecForProviderPatchesFromItems0], default is Undefined, optional - patches from - set : [HelmCrossplaneIoV1alpha1ReleaseSpecForProviderSetItems0], default is Undefined, optional - set - values : any, default is Undefined, optional - values - valuesFrom : [HelmCrossplaneIoV1alpha1ReleaseSpecForProviderValuesFromItems0], default is Undefined, optional - values from - wait : bool, default is Undefined, optional - wait - """ - - - chart: HelmCrossplaneIoV1alpha1ReleaseSpecForProviderChart - - namespace: str - - patchesFrom?: [HelmCrossplaneIoV1alpha1ReleaseSpecForProviderPatchesFromItems0] - - set?: [HelmCrossplaneIoV1alpha1ReleaseSpecForProviderSetItems0] - - values?: any - - valuesFrom?: [HelmCrossplaneIoV1alpha1ReleaseSpecForProviderValuesFromItems0] - - wait?: bool - - -schema HelmCrossplaneIoV1alpha1ReleaseSpecForProviderChart: - r""" - A ChartSpec defines the chart spec for a Release - - Attributes - ---------- - name : str, default is Undefined, required - name - pullSecretRef : HelmCrossplaneIoV1alpha1ReleaseSpecForProviderChartPullSecretRef, default is Undefined, optional - pull secret ref - repository : str, default is Undefined, required - repository - version : str, default is Undefined, required - version - """ - - - name: str - - pullSecretRef?: HelmCrossplaneIoV1alpha1ReleaseSpecForProviderChartPullSecretRef - - repository: str - - version: str - - -schema HelmCrossplaneIoV1alpha1ReleaseSpecForProviderChartPullSecretRef: - r""" - A SecretReference is a reference to a secret in an arbitrary namespace. - - Attributes - ---------- - name : str, default is Undefined, required - Name of the secret. - namespace : str, default is Undefined, required - Namespace of the secret. - """ - - - name: str - - namespace: str - - -schema HelmCrossplaneIoV1alpha1ReleaseSpecForProviderPatchesFromItems0: - r""" - ValueFromSource represents source of a value - - Attributes - ---------- - configMapKeyRef : HelmCrossplaneIoV1alpha1ReleaseSpecForProviderPatchesFromItems0ConfigMapKeyRef, default is Undefined, optional - config map key ref - secretKeyRef : HelmCrossplaneIoV1alpha1ReleaseSpecForProviderPatchesFromItems0SecretKeyRef, default is Undefined, optional - secret key ref - """ - - - configMapKeyRef?: HelmCrossplaneIoV1alpha1ReleaseSpecForProviderPatchesFromItems0ConfigMapKeyRef - - secretKeyRef?: HelmCrossplaneIoV1alpha1ReleaseSpecForProviderPatchesFromItems0SecretKeyRef - - -schema HelmCrossplaneIoV1alpha1ReleaseSpecForProviderPatchesFromItems0ConfigMapKeyRef: - r""" - DataKeySelector defines required spec to access a key of a configmap or secret - - Attributes - ---------- - key : str, default is Undefined, optional - key - name : str, default is Undefined, required - name - namespace : str, default is Undefined, required - namespace - optional : bool, default is Undefined, optional - optional - """ - - - key?: str - - name: str - - namespace: str - - optional?: bool - - -schema HelmCrossplaneIoV1alpha1ReleaseSpecForProviderPatchesFromItems0SecretKeyRef: - r""" - DataKeySelector defines required spec to access a key of a configmap or secret - - Attributes - ---------- - key : str, default is Undefined, optional - key - name : str, default is Undefined, required - name - namespace : str, default is Undefined, required - namespace - optional : bool, default is Undefined, optional - optional - """ - - - key?: str - - name: str - - namespace: str - - optional?: bool - - -schema HelmCrossplaneIoV1alpha1ReleaseSpecForProviderSetItems0: - r""" - SetVal represents a "set" value override in a Release - - Attributes - ---------- - name : str, default is Undefined, required - name - value : str, default is Undefined, optional - value - valueFrom : HelmCrossplaneIoV1alpha1ReleaseSpecForProviderSetItems0ValueFrom, default is Undefined, optional - value from - """ - - - name: str - - value?: str - - valueFrom?: HelmCrossplaneIoV1alpha1ReleaseSpecForProviderSetItems0ValueFrom - - -schema HelmCrossplaneIoV1alpha1ReleaseSpecForProviderSetItems0ValueFrom: - r""" - ValueFromSource represents source of a value - - Attributes - ---------- - configMapKeyRef : HelmCrossplaneIoV1alpha1ReleaseSpecForProviderSetItems0ValueFromConfigMapKeyRef, default is Undefined, optional - config map key ref - secretKeyRef : HelmCrossplaneIoV1alpha1ReleaseSpecForProviderSetItems0ValueFromSecretKeyRef, default is Undefined, optional - secret key ref - """ - - - configMapKeyRef?: HelmCrossplaneIoV1alpha1ReleaseSpecForProviderSetItems0ValueFromConfigMapKeyRef - - secretKeyRef?: HelmCrossplaneIoV1alpha1ReleaseSpecForProviderSetItems0ValueFromSecretKeyRef - - -schema HelmCrossplaneIoV1alpha1ReleaseSpecForProviderSetItems0ValueFromConfigMapKeyRef: - r""" - DataKeySelector defines required spec to access a key of a configmap or secret - - Attributes - ---------- - key : str, default is Undefined, optional - key - name : str, default is Undefined, required - name - namespace : str, default is Undefined, required - namespace - optional : bool, default is Undefined, optional - optional - """ - - - key?: str - - name: str - - namespace: str - - optional?: bool - - -schema HelmCrossplaneIoV1alpha1ReleaseSpecForProviderSetItems0ValueFromSecretKeyRef: - r""" - DataKeySelector defines required spec to access a key of a configmap or secret - - Attributes - ---------- - key : str, default is Undefined, optional - key - name : str, default is Undefined, required - name - namespace : str, default is Undefined, required - namespace - optional : bool, default is Undefined, optional - optional - """ - - - key?: str - - name: str - - namespace: str - - optional?: bool - - -schema HelmCrossplaneIoV1alpha1ReleaseSpecForProviderValuesFromItems0: - r""" - ValueFromSource represents source of a value - - Attributes - ---------- - configMapKeyRef : HelmCrossplaneIoV1alpha1ReleaseSpecForProviderValuesFromItems0ConfigMapKeyRef, default is Undefined, optional - config map key ref - secretKeyRef : HelmCrossplaneIoV1alpha1ReleaseSpecForProviderValuesFromItems0SecretKeyRef, default is Undefined, optional - secret key ref - """ - - - configMapKeyRef?: HelmCrossplaneIoV1alpha1ReleaseSpecForProviderValuesFromItems0ConfigMapKeyRef - - secretKeyRef?: HelmCrossplaneIoV1alpha1ReleaseSpecForProviderValuesFromItems0SecretKeyRef - - -schema HelmCrossplaneIoV1alpha1ReleaseSpecForProviderValuesFromItems0ConfigMapKeyRef: - r""" - DataKeySelector defines required spec to access a key of a configmap or secret - - Attributes - ---------- - key : str, default is Undefined, optional - key - name : str, default is Undefined, required - name - namespace : str, default is Undefined, required - namespace - optional : bool, default is Undefined, optional - optional - """ - - - key?: str - - name: str - - namespace: str - - optional?: bool - - -schema HelmCrossplaneIoV1alpha1ReleaseSpecForProviderValuesFromItems0SecretKeyRef: - r""" - DataKeySelector defines required spec to access a key of a configmap or secret - - Attributes - ---------- - key : str, default is Undefined, optional - key - name : str, default is Undefined, required - name - namespace : str, default is Undefined, required - namespace - optional : bool, default is Undefined, optional - optional - """ - - - key?: str - - name: str - - namespace: str - - optional?: bool - - -schema HelmCrossplaneIoV1alpha1ReleaseSpecProviderConfigRef: - r""" - ProviderConfigReference specifies how the provider that will be used to - create, observe, update, and delete this managed resource should be - configured. - - Attributes - ---------- - name : str, default is Undefined, required - Name of the referenced object. - policy : HelmCrossplaneIoV1alpha1ReleaseSpecProviderConfigRefPolicy, default is Undefined, optional - policy - """ - - - name: str - - policy?: HelmCrossplaneIoV1alpha1ReleaseSpecProviderConfigRefPolicy - - -schema HelmCrossplaneIoV1alpha1ReleaseSpecProviderConfigRefPolicy: - r""" - Policies for referencing. - - Attributes - ---------- - resolution : str, default is "Required", optional - Resolution specifies whether resolution of this reference is required. - The default is 'Required', which means the reconcile will fail if the - reference cannot be resolved. 'Optional' means this reference will be - a no-op if it cannot be resolved. - resolve : str, default is Undefined, optional - Resolve specifies when this reference should be resolved. The default - is 'IfNotPresent', which will attempt to resolve the reference only when - the corresponding field is not present. Use 'Always' to resolve the - reference on every reconcile. - """ - - - resolution?: "Required" | "Optional" = "Required" - - resolve?: "Always" | "IfNotPresent" - - -schema HelmCrossplaneIoV1alpha1ReleaseSpecPublishConnectionDetailsTo: - r""" - PublishConnectionDetailsTo specifies the connection secret config which - contains a name, metadata and a reference to secret store config to - which any connection details for this managed resource should be written. - Connection details frequently include the endpoint, username, - and password required to connect to the managed resource. - - Attributes - ---------- - configRef : HelmCrossplaneIoV1alpha1ReleaseSpecPublishConnectionDetailsToConfigRef, default is Undefined, optional - config ref - metadata : HelmCrossplaneIoV1alpha1ReleaseSpecPublishConnectionDetailsToMetadata, default is Undefined, optional - metadata - name : str, default is Undefined, required - Name is the name of the connection secret. - """ - - - configRef?: HelmCrossplaneIoV1alpha1ReleaseSpecPublishConnectionDetailsToConfigRef - - metadata?: HelmCrossplaneIoV1alpha1ReleaseSpecPublishConnectionDetailsToMetadata - - name: str - - -schema HelmCrossplaneIoV1alpha1ReleaseSpecPublishConnectionDetailsToConfigRef: - r""" - SecretStoreConfigRef specifies which secret store config should be used - for this ConnectionSecret. - - Attributes - ---------- - name : str, default is Undefined, required - Name of the referenced object. - policy : HelmCrossplaneIoV1alpha1ReleaseSpecPublishConnectionDetailsToConfigRefPolicy, default is Undefined, optional - policy - """ - - - name: str - - policy?: HelmCrossplaneIoV1alpha1ReleaseSpecPublishConnectionDetailsToConfigRefPolicy - - -schema HelmCrossplaneIoV1alpha1ReleaseSpecPublishConnectionDetailsToConfigRefPolicy: - r""" - Policies for referencing. - - Attributes - ---------- - resolution : str, default is "Required", optional - Resolution specifies whether resolution of this reference is required. - The default is 'Required', which means the reconcile will fail if the - reference cannot be resolved. 'Optional' means this reference will be - a no-op if it cannot be resolved. - resolve : str, default is Undefined, optional - Resolve specifies when this reference should be resolved. The default - is 'IfNotPresent', which will attempt to resolve the reference only when - the corresponding field is not present. Use 'Always' to resolve the - reference on every reconcile. - """ - - - resolution?: "Required" | "Optional" = "Required" - - resolve?: "Always" | "IfNotPresent" - - -schema HelmCrossplaneIoV1alpha1ReleaseSpecPublishConnectionDetailsToMetadata: - r""" - Metadata is the metadata for connection secret. - - Attributes - ---------- - annotations : {str:str}, default is Undefined, optional - Annotations are the annotations to be added to connection secret. - - For Kubernetes secrets, this will be used as "metadata.annotations". - - It is up to Secret Store implementation for others store types. - labels : {str:str}, default is Undefined, optional - Labels are the labels/tags to be added to connection secret. - - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store types. - $type : str, default is Undefined, optional - Type is the SecretType for the connection secret. - - Only valid for Kubernetes Secret Stores. - """ - - - annotations?: {str:str} - - labels?: {str:str} - - $type?: str - - -schema HelmCrossplaneIoV1alpha1ReleaseSpecWriteConnectionSecretToRef: - r""" - WriteConnectionSecretToReference specifies the namespace and name of a - Secret to which any connection details for this managed resource should - be written. Connection details frequently include the endpoint, username, - and password required to connect to the managed resource. - This field is planned to be replaced in a future release in favor of - PublishConnectionDetailsTo. Currently, both could be set independently - and connection details would be published to both without affecting - each other. - - Attributes - ---------- - name : str, default is Undefined, required - Name of the secret. - namespace : str, default is Undefined, required - Namespace of the secret. - """ - - - name: str - - namespace: str - - -schema HelmCrossplaneIoV1alpha1ReleaseStatus: - r""" - A ReleaseStatus represents the observed state of a Release. - - Attributes - ---------- - atProvider : HelmCrossplaneIoV1alpha1ReleaseStatusAtProvider, default is Undefined, optional - at provider - conditions : [HelmCrossplaneIoV1alpha1ReleaseStatusConditionsItems0], default is Undefined, optional - Conditions of the resource. - failed : int, default is Undefined, optional - failed - observedGeneration : int, default is Undefined, optional - ObservedGeneration is the latest metadata.generation - which resulted in either a ready state, or stalled due to error - it can not recover from without human intervention. - patchesSha : str, default is Undefined, optional - patches sha - synced : bool, default is Undefined, optional - synced - """ - - - atProvider?: HelmCrossplaneIoV1alpha1ReleaseStatusAtProvider - - conditions?: [HelmCrossplaneIoV1alpha1ReleaseStatusConditionsItems0] - - failed?: int - - observedGeneration?: int - - patchesSha?: str - - synced?: bool - - -schema HelmCrossplaneIoV1alpha1ReleaseStatusAtProvider: - r""" - ReleaseObservation are the observable fields of a Release. - - Attributes - ---------- - releaseDescription : str, default is Undefined, optional - release description - revision : int, default is Undefined, optional - revision - state : str, default is Undefined, optional - Status is the status of a release - """ - - - releaseDescription?: str - - revision?: int - - state?: str - - -schema HelmCrossplaneIoV1alpha1ReleaseStatusConditionsItems0: - r""" - A Condition that may apply to a resource. - - Attributes - ---------- - lastTransitionTime : str, default is Undefined, required - LastTransitionTime is the last time this condition transitioned from one - status to another. - message : str, default is Undefined, optional - A Message containing details about this condition's last transition from - one status to another, if any. - observedGeneration : int, default is Undefined, optional - ObservedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - reason : str, default is Undefined, required - A Reason for this condition's last transition from one status to another. - status : str, default is Undefined, required - Status of this condition; is it currently True, False, or Unknown? - $type : str, default is Undefined, required - Type of this condition. At most one of each condition type may apply to - a resource at any point in time. - """ - - - lastTransitionTime: str - - message?: str - - observedGeneration?: int - - reason: str - - status: str - - $type: str - - diff --git a/crossplane/v1alpha1/nop_crossplane_io_v1alpha1_nop_resource.k b/crossplane/v1alpha1/nop_crossplane_io_v1alpha1_nop_resource.k deleted file mode 100644 index 654905de..00000000 --- a/crossplane/v1alpha1/nop_crossplane_io_v1alpha1_nop_resource.k +++ /dev/null @@ -1,369 +0,0 @@ -""" -This file was generated by the KCL auto-gen tool. DO NOT EDIT. -Editing this file might prove futile when you re-run the KCL auto-gen generate command. -""" -import k8s.apimachinery.pkg.apis.meta.v1 - - -schema NopResource: - """ - A NopResource is an example API type. - - Attributes - ---------- - apiVersion : str, default is "nop.crossplane.io/v1alpha1", required - APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - kind : str, default is "NopResource", required - Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - metadata : v1.ObjectMeta, default is Undefined, optional - metadata - spec : NopCrossplaneIoV1alpha1NopResourceSpec, default is Undefined, required - spec - status : NopCrossplaneIoV1alpha1NopResourceStatus, default is Undefined, optional - status - """ - - - apiVersion: "nop.crossplane.io/v1alpha1" = "nop.crossplane.io/v1alpha1" - - kind: "NopResource" = "NopResource" - - metadata?: v1.ObjectMeta - - spec: NopCrossplaneIoV1alpha1NopResourceSpec - - status?: NopCrossplaneIoV1alpha1NopResourceStatus - - -schema NopCrossplaneIoV1alpha1NopResourceSpec: - """ - A NopResourceSpec defines the desired state of a NopResource. - - Attributes - ---------- - deletionPolicy : str, default is "Delete", optional - DeletionPolicy specifies what will happen to the underlying external when this managed resource is deleted - either "Delete" or "Orphan" the external resource. - forProvider : NopCrossplaneIoV1alpha1NopResourceSpecForProvider, default is Undefined, required - for provider - providerConfigRef : NopCrossplaneIoV1alpha1NopResourceSpecProviderConfigRef, default is Undefined, optional - provider config ref - providerRef : NopCrossplaneIoV1alpha1NopResourceSpecProviderRef, default is Undefined, optional - provider ref - publishConnectionDetailsTo : NopCrossplaneIoV1alpha1NopResourceSpecPublishConnectionDetailsTo, default is Undefined, optional - publish connection details to - writeConnectionSecretToRef : NopCrossplaneIoV1alpha1NopResourceSpecWriteConnectionSecretToRef, default is Undefined, optional - write connection secret to ref - """ - - - deletionPolicy?: "Orphan" | "Delete" = "Delete" - - forProvider: NopCrossplaneIoV1alpha1NopResourceSpecForProvider - - providerConfigRef?: NopCrossplaneIoV1alpha1NopResourceSpecProviderConfigRef - - providerRef?: NopCrossplaneIoV1alpha1NopResourceSpecProviderRef - - publishConnectionDetailsTo?: NopCrossplaneIoV1alpha1NopResourceSpecPublishConnectionDetailsTo - - writeConnectionSecretToRef?: NopCrossplaneIoV1alpha1NopResourceSpecWriteConnectionSecretToRef - - -schema NopCrossplaneIoV1alpha1NopResourceSpecForProvider: - """ - NopResourceParameters are the configurable fields of a NopResource. - - Attributes - ---------- - conditionAfter : [NopCrossplaneIoV1alpha1NopResourceSpecForProviderConditionAfterItems0], default is Undefined, optional - ConditionAfter can be used to set status conditions after a specified time. By default a NopResource will only have a status condition of Type: Synced. It will never have a status condition of Type: Ready unless one is configured here. - connectionDetails : [NopCrossplaneIoV1alpha1NopResourceSpecForProviderConnectionDetailsItems0], default is Undefined, optional - ConnectionDetails that this NopResource should emit on each reconcile. - fields : any, default is Undefined, optional - Fields is an arbitrary object you can patch to and from. It has no schema, is not validated, and is not used by the NopResource controller. - """ - - - conditionAfter?: [NopCrossplaneIoV1alpha1NopResourceSpecForProviderConditionAfterItems0] - - connectionDetails?: [NopCrossplaneIoV1alpha1NopResourceSpecForProviderConnectionDetailsItems0] - - fields?: any - - -schema NopCrossplaneIoV1alpha1NopResourceSpecForProviderConditionAfterItems0: - """ - ResourceConditionAfter specifies a condition of a NopResource that should be set after a certain duration. - - Attributes - ---------- - conditionReason : str, default is Undefined, optional - ConditionReason to set - e.g. Available. - conditionStatus : str, default is Undefined, required - ConditionStatus to set - e.g. True. - conditionType : str, default is Undefined, required - ConditionType to set - e.g. Ready. - time : str, default is Undefined, required - Time is the duration after which the condition should be set. - """ - - - conditionReason?: str - - conditionStatus: str - - conditionType: str - - time: str - - -schema NopCrossplaneIoV1alpha1NopResourceSpecForProviderConnectionDetailsItems0: - """ - ResourceConnectionDetail specifies a connection detail a NopResource should emit. - - Attributes - ---------- - name : str, default is Undefined, required - Name of the connection detail. - value : str, default is Undefined, required - Value of the connection detail. - """ - - - name: str - - value: str - - -schema NopCrossplaneIoV1alpha1NopResourceSpecProviderConfigRef: - """ - ProviderConfigReference specifies how the provider that will be used to create, observe, update, and delete this managed resource should be configured. - - Attributes - ---------- - name : str, default is Undefined, required - Name of the referenced object. - policy : NopCrossplaneIoV1alpha1NopResourceSpecProviderConfigRefPolicy, default is Undefined, optional - policy - """ - - - name: str - - policy?: NopCrossplaneIoV1alpha1NopResourceSpecProviderConfigRefPolicy - - -schema NopCrossplaneIoV1alpha1NopResourceSpecProviderConfigRefPolicy: - """ - Policies for referencing. - - Attributes - ---------- - resolution : str, default is "Required", optional - Resolution specifies whether resolution of this reference is required. The default is 'Required', which means the reconcile will fail if the reference cannot be resolved. 'Optional' means this reference will be a no-op if it cannot be resolved. - resolve : str, default is Undefined, optional - Resolve specifies when this reference should be resolved. The default is 'IfNotPresent', which will attempt to resolve the reference only when the corresponding field is not present. Use 'Always' to resolve the reference on every reconcile. - """ - - - resolution?: "Required" | "Optional" = "Required" - - resolve?: "Always" | "IfNotPresent" - - -schema NopCrossplaneIoV1alpha1NopResourceSpecProviderRef: - """ - ProviderReference specifies the provider that will be used to create, observe, update, and delete this managed resource. Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef` - - Attributes - ---------- - name : str, default is Undefined, required - Name of the referenced object. - policy : NopCrossplaneIoV1alpha1NopResourceSpecProviderRefPolicy, default is Undefined, optional - policy - """ - - - name: str - - policy?: NopCrossplaneIoV1alpha1NopResourceSpecProviderRefPolicy - - -schema NopCrossplaneIoV1alpha1NopResourceSpecProviderRefPolicy: - """ - Policies for referencing. - - Attributes - ---------- - resolution : str, default is "Required", optional - Resolution specifies whether resolution of this reference is required. The default is 'Required', which means the reconcile will fail if the reference cannot be resolved. 'Optional' means this reference will be a no-op if it cannot be resolved. - resolve : str, default is Undefined, optional - Resolve specifies when this reference should be resolved. The default is 'IfNotPresent', which will attempt to resolve the reference only when the corresponding field is not present. Use 'Always' to resolve the reference on every reconcile. - """ - - - resolution?: "Required" | "Optional" = "Required" - - resolve?: "Always" | "IfNotPresent" - - -schema NopCrossplaneIoV1alpha1NopResourceSpecPublishConnectionDetailsTo: - """ - PublishConnectionDetailsTo specifies the connection secret config which contains a name, metadata and a reference to secret store config to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource. - - Attributes - ---------- - configRef : NopCrossplaneIoV1alpha1NopResourceSpecPublishConnectionDetailsToConfigRef, default is Undefined, optional - config ref - metadata : NopCrossplaneIoV1alpha1NopResourceSpecPublishConnectionDetailsToMetadata, default is Undefined, optional - metadata - name : str, default is Undefined, required - Name is the name of the connection secret. - """ - - - configRef?: NopCrossplaneIoV1alpha1NopResourceSpecPublishConnectionDetailsToConfigRef - - metadata?: NopCrossplaneIoV1alpha1NopResourceSpecPublishConnectionDetailsToMetadata - - name: str - - -schema NopCrossplaneIoV1alpha1NopResourceSpecPublishConnectionDetailsToConfigRef: - """ - SecretStoreConfigRef specifies which secret store config should be used for this ConnectionSecret. - - Attributes - ---------- - name : str, default is Undefined, required - Name of the referenced object. - policy : NopCrossplaneIoV1alpha1NopResourceSpecPublishConnectionDetailsToConfigRefPolicy, default is Undefined, optional - policy - """ - - - name: str - - policy?: NopCrossplaneIoV1alpha1NopResourceSpecPublishConnectionDetailsToConfigRefPolicy - - -schema NopCrossplaneIoV1alpha1NopResourceSpecPublishConnectionDetailsToConfigRefPolicy: - """ - Policies for referencing. - - Attributes - ---------- - resolution : str, default is "Required", optional - Resolution specifies whether resolution of this reference is required. The default is 'Required', which means the reconcile will fail if the reference cannot be resolved. 'Optional' means this reference will be a no-op if it cannot be resolved. - resolve : str, default is Undefined, optional - Resolve specifies when this reference should be resolved. The default is 'IfNotPresent', which will attempt to resolve the reference only when the corresponding field is not present. Use 'Always' to resolve the reference on every reconcile. - """ - - - resolution?: "Required" | "Optional" = "Required" - - resolve?: "Always" | "IfNotPresent" - - -schema NopCrossplaneIoV1alpha1NopResourceSpecPublishConnectionDetailsToMetadata: - """ - Metadata is the metadata for connection secret. - - Attributes - ---------- - annotations : {str:str}, default is Undefined, optional - Annotations are the annotations to be added to connection secret. - For Kubernetes secrets, this will be used as "metadata.annotations". - It is up to Secret Store implementation for others store types. - labels : {str:str}, default is Undefined, optional - Labels are the labels/tags to be added to connection secret. - For Kubernetes secrets, this will be used as "metadata.labels". - It is up to Secret Store implementation for others store types. - $type : str, default is Undefined, optional - Type is the SecretType for the connection secret. - Only valid for Kubernetes Secret Stores. - """ - - - annotations?: {str:str} - - labels?: {str:str} - - $type?: str - - -schema NopCrossplaneIoV1alpha1NopResourceSpecWriteConnectionSecretToRef: - """ - WriteConnectionSecretToReference specifies the namespace and name of a Secret to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource. This field is planned to be replaced in a future release in favor of PublishConnectionDetailsTo. Currently, both could be set independently and connection details would be published to both without affecting each other. - - Attributes - ---------- - name : str, default is Undefined, required - Name of the secret. - namespace : str, default is Undefined, required - Namespace of the secret. - """ - - - name: str - - namespace: str - - -schema NopCrossplaneIoV1alpha1NopResourceStatus: - """ - A NopResourceStatus represents the observed state of a NopResource. - - Attributes - ---------- - atProvider : NopCrossplaneIoV1alpha1NopResourceStatusAtProvider, default is Undefined, optional - at provider - conditions : [NopCrossplaneIoV1alpha1NopResourceStatusConditionsItems0], default is Undefined, optional - Conditions of the resource. - """ - - - atProvider?: NopCrossplaneIoV1alpha1NopResourceStatusAtProvider - - conditions?: [NopCrossplaneIoV1alpha1NopResourceStatusConditionsItems0] - - -schema NopCrossplaneIoV1alpha1NopResourceStatusAtProvider: - """ - NopResourceObservation are the observable fields of a NopResource. - - Attributes - ---------- - fields : any, default is Undefined, optional - Fields is an arbitrary object you can patch to and from. It has no schema, is not validated, and is not used by the NopResource controller. - """ - - - fields?: any - - -schema NopCrossplaneIoV1alpha1NopResourceStatusConditionsItems0: - """ - A Condition that may apply to a resource. - - Attributes - ---------- - lastTransitionTime : str, default is Undefined, required - LastTransitionTime is the last time this condition transitioned from one status to another. - message : str, default is Undefined, optional - A Message containing details about this condition's last transition from one status to another, if any. - reason : str, default is Undefined, required - A Reason for this condition's last transition from one status to another. - status : str, default is Undefined, required - Status of this condition; is it currently True, False, or Unknown? - $type : str, default is Undefined, required - Type of this condition. At most one of each condition type may apply to a resource at any point in time. - """ - - - lastTransitionTime: str - - message?: str - - reason: str - - status: str - - $type: str - - diff --git a/crossplane/v1alpha1/pkg_crossplane_io_v1alpha1_controller_config.k b/crossplane/v1alpha1/pkg_crossplane_io_v1alpha1_controller_config.k index 0ac544df..e55bcbaa 100644 --- a/crossplane/v1alpha1/pkg_crossplane_io_v1alpha1_controller_config.k +++ b/crossplane/v1alpha1/pkg_crossplane_io_v1alpha1_controller_config.k @@ -4,6 +4,7 @@ Editing this file might prove futile when you re-run the KCL auto-gen generate c """ import regex import k8s.apimachinery.pkg.apis.meta.v1 +_regex_match = regex.match schema ControllerConfig: @@ -489,22 +490,22 @@ schema PkgCrossplaneIoV1alpha1ControllerConfigSpecAffinityPodAffinityPreferredDu matchLabelKeys : [str], default is Undefined, optional MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + The same key is forbidden to exist in both matchLabelKeys and labelSelector. + Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. mismatchLabelKeys : [str], default is Undefined, optional MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. namespaceSelector : PkgCrossplaneIoV1alpha1ControllerConfigSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector, default is Undefined, optional namespace selector @@ -650,22 +651,22 @@ schema PkgCrossplaneIoV1alpha1ControllerConfigSpecAffinityPodAffinityRequiredDur matchLabelKeys : [str], default is Undefined, optional MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + The same key is forbidden to exist in both matchLabelKeys and labelSelector. + Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. mismatchLabelKeys : [str], default is Undefined, optional MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. namespaceSelector : PkgCrossplaneIoV1alpha1ControllerConfigSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector, default is Undefined, optional namespace selector @@ -857,22 +858,22 @@ schema PkgCrossplaneIoV1alpha1ControllerConfigSpecAffinityPodAntiAffinityPreferr matchLabelKeys : [str], default is Undefined, optional MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + The same key is forbidden to exist in both matchLabelKeys and labelSelector. + Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. mismatchLabelKeys : [str], default is Undefined, optional MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. namespaceSelector : PkgCrossplaneIoV1alpha1ControllerConfigSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector, default is Undefined, optional namespace selector @@ -1018,22 +1019,22 @@ schema PkgCrossplaneIoV1alpha1ControllerConfigSpecAffinityPodAntiAffinityRequire matchLabelKeys : [str], default is Undefined, optional MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + The same key is forbidden to exist in both matchLabelKeys and labelSelector. + Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. mismatchLabelKeys : [str], default is Undefined, optional MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. namespaceSelector : PkgCrossplaneIoV1alpha1ControllerConfigSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector, default is Undefined, optional namespace selector @@ -1348,7 +1349,7 @@ schema PkgCrossplaneIoV1alpha1ControllerConfigSpecEnvItems0ValueFromResourceFiel check: - regex.match(str(divisor), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if divisor + _regex_match(str(divisor), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if divisor schema PkgCrossplaneIoV1alpha1ControllerConfigSpecEnvItems0ValueFromSecretKeyRef: @@ -1425,6 +1426,8 @@ schema PkgCrossplaneIoV1alpha1ControllerConfigSpecPodSecurityContext: Attributes ---------- + appArmorProfile : PkgCrossplaneIoV1alpha1ControllerConfigSpecPodSecurityContextAppArmorProfile, default is Undefined, optional + app armor profile fsGroup : int, default is Undefined, optional A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume @@ -1488,6 +1491,8 @@ schema PkgCrossplaneIoV1alpha1ControllerConfigSpecPodSecurityContext: """ + appArmorProfile?: PkgCrossplaneIoV1alpha1ControllerConfigSpecPodSecurityContextAppArmorProfile + fsGroup?: int fsGroupChangePolicy?: str @@ -1509,6 +1514,32 @@ schema PkgCrossplaneIoV1alpha1ControllerConfigSpecPodSecurityContext: windowsOptions?: PkgCrossplaneIoV1alpha1ControllerConfigSpecPodSecurityContextWindowsOptions +schema PkgCrossplaneIoV1alpha1ControllerConfigSpecPodSecurityContextAppArmorProfile: + r""" + appArmorProfile is the AppArmor options to use by the containers in this pod. + Note that this field cannot be set when spec.os.name is windows. + + Attributes + ---------- + localhostProfile : str, default is Undefined, optional + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + $type : str, default is Undefined, required + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + """ + + + localhostProfile?: str + + $type: str + + schema PkgCrossplaneIoV1alpha1ControllerConfigSpecPodSecurityContextSeLinuxOptions: r""" The SELinux context to be applied to all containers. @@ -1697,8 +1728,8 @@ schema PkgCrossplaneIoV1alpha1ControllerConfigSpecResources: check: - all _, limits in limits {regex.match(str(limits), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if limits } if limits - all _, requests in requests {regex.match(str(requests), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if requests } if requests + all _, limits in limits { _regex_match(str(limits), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if limits } if limits + all _, requests in requests { _regex_match(str(requests), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if requests } if requests schema PkgCrossplaneIoV1alpha1ControllerConfigSpecResourcesClaimsItems0: @@ -1732,6 +1763,8 @@ schema PkgCrossplaneIoV1alpha1ControllerConfigSpecSecurityContext: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. + appArmorProfile : PkgCrossplaneIoV1alpha1ControllerConfigSpecSecurityContextAppArmorProfile, default is Undefined, optional + app armor profile capabilities : PkgCrossplaneIoV1alpha1ControllerConfigSpecSecurityContextCapabilities, default is Undefined, optional capabilities privileged : bool, default is Undefined, optional @@ -1779,6 +1812,8 @@ schema PkgCrossplaneIoV1alpha1ControllerConfigSpecSecurityContext: allowPrivilegeEscalation?: bool + appArmorProfile?: PkgCrossplaneIoV1alpha1ControllerConfigSpecSecurityContextAppArmorProfile + capabilities?: PkgCrossplaneIoV1alpha1ControllerConfigSpecSecurityContextCapabilities privileged?: bool @@ -1800,6 +1835,33 @@ schema PkgCrossplaneIoV1alpha1ControllerConfigSpecSecurityContext: windowsOptions?: PkgCrossplaneIoV1alpha1ControllerConfigSpecSecurityContextWindowsOptions +schema PkgCrossplaneIoV1alpha1ControllerConfigSpecSecurityContextAppArmorProfile: + r""" + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + + Attributes + ---------- + localhostProfile : str, default is Undefined, optional + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + $type : str, default is Undefined, required + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + """ + + + localhostProfile?: str + + $type: str + + schema PkgCrossplaneIoV1alpha1ControllerConfigSpecSecurityContextCapabilities: r""" The capabilities to add/drop when running containers. @@ -1971,11 +2033,34 @@ schema PkgCrossplaneIoV1alpha1ControllerConfigSpecVolumeMountsItems0: to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). name : str, default is Undefined, required This must match the Name of a Volume. readOnly : bool, default is Undefined, optional Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. + recursiveReadOnly : str, default is Undefined, optional + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + + If ReadOnly is false, this field has no meaning and must be unspecified. + + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + + If this field is not specified, it is treated as an equivalent of Disabled. subPath : str, default is Undefined, optional Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). @@ -1995,6 +2080,8 @@ schema PkgCrossplaneIoV1alpha1ControllerConfigSpecVolumeMountsItems0: readOnly?: bool + recursiveReadOnly?: str + subPath?: str subPathExpr?: str @@ -2518,7 +2605,7 @@ schema PkgCrossplaneIoV1alpha1ControllerConfigSpecVolumesItems0DownwardAPIItemsI schema PkgCrossplaneIoV1alpha1ControllerConfigSpecVolumesItems0DownwardAPIItemsItems0FieldRef: r""" - Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. Attributes ---------- @@ -2558,7 +2645,7 @@ schema PkgCrossplaneIoV1alpha1ControllerConfigSpecVolumesItems0DownwardAPIItemsI check: - regex.match(str(divisor), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if divisor + _regex_match(str(divisor), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if divisor schema PkgCrossplaneIoV1alpha1ControllerConfigSpecVolumesItems0EmptyDir: @@ -2589,7 +2676,7 @@ schema PkgCrossplaneIoV1alpha1ControllerConfigSpecVolumesItems0EmptyDir: check: - regex.match(str(sizeLimit), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if sizeLimit + _regex_match(str(sizeLimit), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if sizeLimit schema PkgCrossplaneIoV1alpha1ControllerConfigSpecVolumesItems0Ephemeral: @@ -2740,7 +2827,7 @@ schema PkgCrossplaneIoV1alpha1ControllerConfigSpecVolumesItems0EphemeralVolumeCl If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. volumeMode : str, default is Undefined, optional volumeMode defines what type of volume is required by the claim. @@ -2879,8 +2966,8 @@ schema PkgCrossplaneIoV1alpha1ControllerConfigSpecVolumesItems0EphemeralVolumeCl check: - all _, limits in limits {regex.match(str(limits), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if limits } if limits - all _, requests in requests {regex.match(str(requests), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if requests } if requests + all _, limits in limits { _regex_match(str(limits), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if limits } if limits + all _, requests in requests { _regex_match(str(requests), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if requests } if requests schema PkgCrossplaneIoV1alpha1ControllerConfigSpecVolumesItems0EphemeralVolumeClaimTemplateSpecSelector: @@ -3599,7 +3686,7 @@ schema PkgCrossplaneIoV1alpha1ControllerConfigSpecVolumesItems0ProjectedSourcesI schema PkgCrossplaneIoV1alpha1ControllerConfigSpecVolumesItems0ProjectedSourcesItems0DownwardAPIItemsItems0FieldRef: r""" - Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. Attributes ---------- @@ -3639,7 +3726,7 @@ schema PkgCrossplaneIoV1alpha1ControllerConfigSpecVolumesItems0ProjectedSourcesI check: - regex.match(str(divisor), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if divisor + _regex_match(str(divisor), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if divisor schema PkgCrossplaneIoV1alpha1ControllerConfigSpecVolumesItems0ProjectedSourcesItems0Secret: diff --git a/crossplane/v1beta1/helm_crossplane_io_v1beta1_provider_config.k b/crossplane/v1beta1/helm_crossplane_io_v1beta1_provider_config.k deleted file mode 100644 index ecf42408..00000000 --- a/crossplane/v1beta1/helm_crossplane_io_v1beta1_provider_config.k +++ /dev/null @@ -1,277 +0,0 @@ -""" -This file was generated by the KCL auto-gen tool. DO NOT EDIT. -Editing this file might prove futile when you re-run the KCL auto-gen generate command. -""" -import k8s.apimachinery.pkg.apis.meta.v1 - - -schema ProviderConfig: - r""" - A ProviderConfig configures a Helm 'provider', i.e. a connection to a particular - - Attributes - ---------- - apiVersion : str, default is "helm.crossplane.io/v1beta1", required - APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - kind : str, default is "ProviderConfig", required - Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - metadata : v1.ObjectMeta, default is Undefined, optional - metadata - spec : HelmCrossplaneIoV1beta1ProviderConfigSpec, default is Undefined, required - spec - status : HelmCrossplaneIoV1beta1ProviderConfigStatus, default is Undefined, optional - status - """ - - - apiVersion: "helm.crossplane.io/v1beta1" = "helm.crossplane.io/v1beta1" - - kind: "ProviderConfig" = "ProviderConfig" - - metadata?: v1.ObjectMeta - - spec: HelmCrossplaneIoV1beta1ProviderConfigSpec - - status?: HelmCrossplaneIoV1beta1ProviderConfigStatus - - -schema HelmCrossplaneIoV1beta1ProviderConfigSpec: - r""" - A ProviderConfigSpec defines the desired state of a ProviderConfig. - - Attributes - ---------- - credentials : HelmCrossplaneIoV1beta1ProviderConfigSpecCredentials, default is Undefined, required - credentials - identity : HelmCrossplaneIoV1beta1ProviderConfigSpecIdentity, default is Undefined, optional - identity - """ - - - credentials: HelmCrossplaneIoV1beta1ProviderConfigSpecCredentials - - identity?: HelmCrossplaneIoV1beta1ProviderConfigSpecIdentity - - -schema HelmCrossplaneIoV1beta1ProviderConfigSpecCredentials: - r""" - Credentials used to connect to the Kubernetes API. Typically a - kubeconfig file. Use InjectedIdentity for in-cluster config. - - Attributes - ---------- - env : HelmCrossplaneIoV1beta1ProviderConfigSpecCredentialsEnv, default is Undefined, optional - env - fs : HelmCrossplaneIoV1beta1ProviderConfigSpecCredentialsFs, default is Undefined, optional - fs - secretRef : HelmCrossplaneIoV1beta1ProviderConfigSpecCredentialsSecretRef, default is Undefined, optional - secret ref - source : str, default is Undefined, required - Source of the provider credentials. - """ - - - env?: HelmCrossplaneIoV1beta1ProviderConfigSpecCredentialsEnv - - fs?: HelmCrossplaneIoV1beta1ProviderConfigSpecCredentialsFs - - secretRef?: HelmCrossplaneIoV1beta1ProviderConfigSpecCredentialsSecretRef - - source: "None" | "Secret" | "InjectedIdentity" | "Environment" | "Filesystem" - - -schema HelmCrossplaneIoV1beta1ProviderConfigSpecCredentialsEnv: - r""" - Env is a reference to an environment variable that contains credentials - that must be used to connect to the provider. - - Attributes - ---------- - name : str, default is Undefined, required - Name is the name of an environment variable. - """ - - - name: str - - -schema HelmCrossplaneIoV1beta1ProviderConfigSpecCredentialsFs: - r""" - Fs is a reference to a filesystem location that contains credentials that - must be used to connect to the provider. - - Attributes - ---------- - path : str, default is Undefined, required - Path is a filesystem path. - """ - - - path: str - - -schema HelmCrossplaneIoV1beta1ProviderConfigSpecCredentialsSecretRef: - r""" - A SecretRef is a reference to a secret key that contains the credentials - that must be used to connect to the provider. - - Attributes - ---------- - key : str, default is Undefined, required - The key to select. - name : str, default is Undefined, required - Name of the secret. - namespace : str, default is Undefined, required - Namespace of the secret. - """ - - - key: str - - name: str - - namespace: str - - -schema HelmCrossplaneIoV1beta1ProviderConfigSpecIdentity: - r""" - Identity used to authenticate to the Kubernetes API. The identity - credentials can be used to supplement kubeconfig 'credentials', for - example by configuring a bearer token source such as OAuth. - - Attributes - ---------- - env : HelmCrossplaneIoV1beta1ProviderConfigSpecIdentityEnv, default is Undefined, optional - env - fs : HelmCrossplaneIoV1beta1ProviderConfigSpecIdentityFs, default is Undefined, optional - fs - secretRef : HelmCrossplaneIoV1beta1ProviderConfigSpecIdentitySecretRef, default is Undefined, optional - secret ref - source : str, default is Undefined, required - Source of the provider credentials. - $type : str, default is Undefined, required - Type of identity. - """ - - - env?: HelmCrossplaneIoV1beta1ProviderConfigSpecIdentityEnv - - fs?: HelmCrossplaneIoV1beta1ProviderConfigSpecIdentityFs - - secretRef?: HelmCrossplaneIoV1beta1ProviderConfigSpecIdentitySecretRef - - source: "None" | "Secret" | "InjectedIdentity" | "Environment" | "Filesystem" - - $type: "GoogleApplicationCredentials" | "AzureServicePrincipalCredentials" | "AzureWorkloadIdentityCredentials" | "UpboundTokens" - - -schema HelmCrossplaneIoV1beta1ProviderConfigSpecIdentityEnv: - r""" - Env is a reference to an environment variable that contains credentials - that must be used to connect to the provider. - - Attributes - ---------- - name : str, default is Undefined, required - Name is the name of an environment variable. - """ - - - name: str - - -schema HelmCrossplaneIoV1beta1ProviderConfigSpecIdentityFs: - r""" - Fs is a reference to a filesystem location that contains credentials that - must be used to connect to the provider. - - Attributes - ---------- - path : str, default is Undefined, required - Path is a filesystem path. - """ - - - path: str - - -schema HelmCrossplaneIoV1beta1ProviderConfigSpecIdentitySecretRef: - r""" - A SecretRef is a reference to a secret key that contains the credentials - that must be used to connect to the provider. - - Attributes - ---------- - key : str, default is Undefined, required - The key to select. - name : str, default is Undefined, required - Name of the secret. - namespace : str, default is Undefined, required - Namespace of the secret. - """ - - - key: str - - name: str - - namespace: str - - -schema HelmCrossplaneIoV1beta1ProviderConfigStatus: - r""" - A ProviderConfigStatus defines the status of a Provider. - - Attributes - ---------- - conditions : [HelmCrossplaneIoV1beta1ProviderConfigStatusConditionsItems0], default is Undefined, optional - Conditions of the resource. - users : int, default is Undefined, optional - Users of this provider configuration. - """ - - - conditions?: [HelmCrossplaneIoV1beta1ProviderConfigStatusConditionsItems0] - - users?: int - - -schema HelmCrossplaneIoV1beta1ProviderConfigStatusConditionsItems0: - r""" - A Condition that may apply to a resource. - - Attributes - ---------- - lastTransitionTime : str, default is Undefined, required - LastTransitionTime is the last time this condition transitioned from one - status to another. - message : str, default is Undefined, optional - A Message containing details about this condition's last transition from - one status to another, if any. - observedGeneration : int, default is Undefined, optional - ObservedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - reason : str, default is Undefined, required - A Reason for this condition's last transition from one status to another. - status : str, default is Undefined, required - Status of this condition; is it currently True, False, or Unknown? - $type : str, default is Undefined, required - Type of this condition. At most one of each condition type may apply to - a resource at any point in time. - """ - - - lastTransitionTime: str - - message?: str - - observedGeneration?: int - - reason: str - - status: str - - $type: str - - diff --git a/crossplane/v1beta1/helm_crossplane_io_v1beta1_release.k b/crossplane/v1beta1/helm_crossplane_io_v1beta1_release.k deleted file mode 100644 index 0aeba664..00000000 --- a/crossplane/v1beta1/helm_crossplane_io_v1beta1_release.k +++ /dev/null @@ -1,749 +0,0 @@ -""" -This file was generated by the KCL auto-gen tool. DO NOT EDIT. -Editing this file might prove futile when you re-run the KCL auto-gen generate command. -""" -import k8s.apimachinery.pkg.apis.meta.v1 - - -schema Release: - r""" - A Release is an example API type - - Attributes - ---------- - apiVersion : str, default is "helm.crossplane.io/v1beta1", required - APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - kind : str, default is "Release", required - Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - metadata : v1.ObjectMeta, default is Undefined, optional - metadata - spec : HelmCrossplaneIoV1beta1ReleaseSpec, default is Undefined, required - spec - status : HelmCrossplaneIoV1beta1ReleaseStatus, default is Undefined, optional - status - """ - - - apiVersion: "helm.crossplane.io/v1beta1" = "helm.crossplane.io/v1beta1" - - kind: "Release" = "Release" - - metadata?: v1.ObjectMeta - - spec: HelmCrossplaneIoV1beta1ReleaseSpec - - status?: HelmCrossplaneIoV1beta1ReleaseStatus - - -schema HelmCrossplaneIoV1beta1ReleaseSpec: - r""" - A ReleaseSpec defines the desired state of a Release. - - Attributes - ---------- - connectionDetails : [HelmCrossplaneIoV1beta1ReleaseSpecConnectionDetailsItems0], default is Undefined, optional - connection details - deletionPolicy : str, default is "Delete", optional - DeletionPolicy specifies what will happen to the underlying external - when this managed resource is deleted - either "Delete" or "Orphan" the - external resource. - This field is planned to be deprecated in favor of the ManagementPolicies - field in a future release. Currently, both could be set independently and - non-default values would be honored if the feature flag is enabled. - See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 - forProvider : HelmCrossplaneIoV1beta1ReleaseSpecForProvider, default is Undefined, required - for provider - managementPolicies : [str], default is ["*"], optional - THIS IS A BETA FIELD. It is on by default but can be opted out - through a Crossplane feature flag. - ManagementPolicies specify the array of actions Crossplane is allowed to - take on the managed and external resources. - This field is planned to replace the DeletionPolicy field in a future - release. Currently, both could be set independently and non-default - values would be honored if the feature flag is enabled. If both are - custom, the DeletionPolicy field will be ignored. - See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 - and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md - providerConfigRef : HelmCrossplaneIoV1beta1ReleaseSpecProviderConfigRef, default is Undefined, optional - provider config ref - publishConnectionDetailsTo : HelmCrossplaneIoV1beta1ReleaseSpecPublishConnectionDetailsTo, default is Undefined, optional - publish connection details to - rollbackLimit : int, default is Undefined, optional - RollbackRetriesLimit is max number of attempts to retry Helm deployment by rolling back the release. - writeConnectionSecretToRef : HelmCrossplaneIoV1beta1ReleaseSpecWriteConnectionSecretToRef, default is Undefined, optional - write connection secret to ref - """ - - - connectionDetails?: [HelmCrossplaneIoV1beta1ReleaseSpecConnectionDetailsItems0] - - deletionPolicy?: "Orphan" | "Delete" = "Delete" - - forProvider: HelmCrossplaneIoV1beta1ReleaseSpecForProvider - - managementPolicies?: [str] = ["*"] - - providerConfigRef?: HelmCrossplaneIoV1beta1ReleaseSpecProviderConfigRef - - publishConnectionDetailsTo?: HelmCrossplaneIoV1beta1ReleaseSpecPublishConnectionDetailsTo - - rollbackLimit?: int - - writeConnectionSecretToRef?: HelmCrossplaneIoV1beta1ReleaseSpecWriteConnectionSecretToRef - - -schema HelmCrossplaneIoV1beta1ReleaseSpecConnectionDetailsItems0: - r""" - ConnectionDetail todo - - Attributes - ---------- - apiVersion : str, default is Undefined, optional - API version of the referent. - fieldPath : str, default is Undefined, optional - If referring to a piece of an object instead of an entire object, this string - should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within a pod, this would take on a value like: - "spec.containers{name}" (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only to have some well-defined way of - referencing a part of an object. - TODO: this design is not final and this field is subject to change in the future. - kind : str, default is Undefined, optional - Kind of the referent. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - name : str, default is Undefined, optional - Name of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - namespace : str, default is Undefined, optional - Namespace of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ - resourceVersion : str, default is Undefined, optional - Specific resourceVersion to which this reference is made, if any. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency - skipPartOfReleaseCheck : bool, default is Undefined, optional - SkipPartOfReleaseCheck skips check for meta.helm.sh/release-name annotation. - toConnectionSecretKey : str, default is Undefined, optional - to connection secret key - uid : str, default is Undefined, optional - UID of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids - """ - - - apiVersion?: str - - fieldPath?: str - - kind?: str - - name?: str - - namespace?: str - - resourceVersion?: str - - skipPartOfReleaseCheck?: bool - - toConnectionSecretKey?: str - - uid?: str - - -schema HelmCrossplaneIoV1beta1ReleaseSpecForProvider: - r""" - ReleaseParameters are the configurable fields of a Release. - - Attributes - ---------- - chart : HelmCrossplaneIoV1beta1ReleaseSpecForProviderChart, default is Undefined, required - chart - insecureSkipTLSVerify : bool, default is Undefined, optional - InsecureSkipTLSVerify skips tls certificate checks for the chart download - namespace : str, default is Undefined, required - Namespace to install the release into. - patchesFrom : [HelmCrossplaneIoV1beta1ReleaseSpecForProviderPatchesFromItems0], default is Undefined, optional - PatchesFrom describe patches to be applied to the rendered manifests. - set : [HelmCrossplaneIoV1beta1ReleaseSpecForProviderSetItems0], default is Undefined, optional - set - skipCRDs : bool, default is Undefined, optional - SkipCRDs skips installation of CRDs for the release. - skipCreateNamespace : bool, default is Undefined, optional - SkipCreateNamespace won't create the namespace for the release. This requires the namespace to already exist. - values : any, default is Undefined, optional - values - valuesFrom : [HelmCrossplaneIoV1beta1ReleaseSpecForProviderValuesFromItems0], default is Undefined, optional - values from - wait : bool, default is Undefined, optional - Wait for the release to become ready. - waitTimeout : str, default is Undefined, optional - WaitTimeout is the duration Helm will wait for the release to become - ready. Only applies if wait is also set. Defaults to 5m. - """ - - - chart: HelmCrossplaneIoV1beta1ReleaseSpecForProviderChart - - insecureSkipTLSVerify?: bool - - namespace: str - - patchesFrom?: [HelmCrossplaneIoV1beta1ReleaseSpecForProviderPatchesFromItems0] - - set?: [HelmCrossplaneIoV1beta1ReleaseSpecForProviderSetItems0] - - skipCRDs?: bool - - skipCreateNamespace?: bool - - values?: any - - valuesFrom?: [HelmCrossplaneIoV1beta1ReleaseSpecForProviderValuesFromItems0] - - wait?: bool - - waitTimeout?: str - - -schema HelmCrossplaneIoV1beta1ReleaseSpecForProviderChart: - r""" - A ChartSpec defines the chart spec for a Release - - Attributes - ---------- - name : str, default is Undefined, optional - Name of Helm chart, required if ChartSpec.URL not set - pullSecretRef : HelmCrossplaneIoV1beta1ReleaseSpecForProviderChartPullSecretRef, default is Undefined, optional - pull secret ref - repository : str, default is Undefined, optional - Repository: Helm repository URL, required if ChartSpec.URL not set - url : str, default is Undefined, optional - URL to chart package (typically .tgz), optional and overrides others fields in the spec - version : str, default is Undefined, optional - Version of Helm chart, late initialized with latest version if not set - """ - - - name?: str - - pullSecretRef?: HelmCrossplaneIoV1beta1ReleaseSpecForProviderChartPullSecretRef - - repository?: str - - url?: str - - version?: str - - -schema HelmCrossplaneIoV1beta1ReleaseSpecForProviderChartPullSecretRef: - r""" - PullSecretRef is reference to the secret containing credentials to helm repository - - Attributes - ---------- - name : str, default is Undefined, required - Name of the secret. - namespace : str, default is Undefined, required - Namespace of the secret. - """ - - - name: str - - namespace: str - - -schema HelmCrossplaneIoV1beta1ReleaseSpecForProviderPatchesFromItems0: - r""" - ValueFromSource represents source of a value - - Attributes - ---------- - configMapKeyRef : HelmCrossplaneIoV1beta1ReleaseSpecForProviderPatchesFromItems0ConfigMapKeyRef, default is Undefined, optional - config map key ref - secretKeyRef : HelmCrossplaneIoV1beta1ReleaseSpecForProviderPatchesFromItems0SecretKeyRef, default is Undefined, optional - secret key ref - """ - - - configMapKeyRef?: HelmCrossplaneIoV1beta1ReleaseSpecForProviderPatchesFromItems0ConfigMapKeyRef - - secretKeyRef?: HelmCrossplaneIoV1beta1ReleaseSpecForProviderPatchesFromItems0SecretKeyRef - - -schema HelmCrossplaneIoV1beta1ReleaseSpecForProviderPatchesFromItems0ConfigMapKeyRef: - r""" - DataKeySelector defines required spec to access a key of a configmap or secret - - Attributes - ---------- - key : str, default is Undefined, optional - key - name : str, default is Undefined, required - name - namespace : str, default is Undefined, required - namespace - optional : bool, default is Undefined, optional - optional - """ - - - key?: str - - name: str - - namespace: str - - optional?: bool - - -schema HelmCrossplaneIoV1beta1ReleaseSpecForProviderPatchesFromItems0SecretKeyRef: - r""" - DataKeySelector defines required spec to access a key of a configmap or secret - - Attributes - ---------- - key : str, default is Undefined, optional - key - name : str, default is Undefined, required - name - namespace : str, default is Undefined, required - namespace - optional : bool, default is Undefined, optional - optional - """ - - - key?: str - - name: str - - namespace: str - - optional?: bool - - -schema HelmCrossplaneIoV1beta1ReleaseSpecForProviderSetItems0: - r""" - SetVal represents a "set" value override in a Release - - Attributes - ---------- - name : str, default is Undefined, required - name - value : str, default is Undefined, optional - value - valueFrom : HelmCrossplaneIoV1beta1ReleaseSpecForProviderSetItems0ValueFrom, default is Undefined, optional - value from - """ - - - name: str - - value?: str - - valueFrom?: HelmCrossplaneIoV1beta1ReleaseSpecForProviderSetItems0ValueFrom - - -schema HelmCrossplaneIoV1beta1ReleaseSpecForProviderSetItems0ValueFrom: - r""" - ValueFromSource represents source of a value - - Attributes - ---------- - configMapKeyRef : HelmCrossplaneIoV1beta1ReleaseSpecForProviderSetItems0ValueFromConfigMapKeyRef, default is Undefined, optional - config map key ref - secretKeyRef : HelmCrossplaneIoV1beta1ReleaseSpecForProviderSetItems0ValueFromSecretKeyRef, default is Undefined, optional - secret key ref - """ - - - configMapKeyRef?: HelmCrossplaneIoV1beta1ReleaseSpecForProviderSetItems0ValueFromConfigMapKeyRef - - secretKeyRef?: HelmCrossplaneIoV1beta1ReleaseSpecForProviderSetItems0ValueFromSecretKeyRef - - -schema HelmCrossplaneIoV1beta1ReleaseSpecForProviderSetItems0ValueFromConfigMapKeyRef: - r""" - DataKeySelector defines required spec to access a key of a configmap or secret - - Attributes - ---------- - key : str, default is Undefined, optional - key - name : str, default is Undefined, required - name - namespace : str, default is Undefined, required - namespace - optional : bool, default is Undefined, optional - optional - """ - - - key?: str - - name: str - - namespace: str - - optional?: bool - - -schema HelmCrossplaneIoV1beta1ReleaseSpecForProviderSetItems0ValueFromSecretKeyRef: - r""" - DataKeySelector defines required spec to access a key of a configmap or secret - - Attributes - ---------- - key : str, default is Undefined, optional - key - name : str, default is Undefined, required - name - namespace : str, default is Undefined, required - namespace - optional : bool, default is Undefined, optional - optional - """ - - - key?: str - - name: str - - namespace: str - - optional?: bool - - -schema HelmCrossplaneIoV1beta1ReleaseSpecForProviderValuesFromItems0: - r""" - ValueFromSource represents source of a value - - Attributes - ---------- - configMapKeyRef : HelmCrossplaneIoV1beta1ReleaseSpecForProviderValuesFromItems0ConfigMapKeyRef, default is Undefined, optional - config map key ref - secretKeyRef : HelmCrossplaneIoV1beta1ReleaseSpecForProviderValuesFromItems0SecretKeyRef, default is Undefined, optional - secret key ref - """ - - - configMapKeyRef?: HelmCrossplaneIoV1beta1ReleaseSpecForProviderValuesFromItems0ConfigMapKeyRef - - secretKeyRef?: HelmCrossplaneIoV1beta1ReleaseSpecForProviderValuesFromItems0SecretKeyRef - - -schema HelmCrossplaneIoV1beta1ReleaseSpecForProviderValuesFromItems0ConfigMapKeyRef: - r""" - DataKeySelector defines required spec to access a key of a configmap or secret - - Attributes - ---------- - key : str, default is Undefined, optional - key - name : str, default is Undefined, required - name - namespace : str, default is Undefined, required - namespace - optional : bool, default is Undefined, optional - optional - """ - - - key?: str - - name: str - - namespace: str - - optional?: bool - - -schema HelmCrossplaneIoV1beta1ReleaseSpecForProviderValuesFromItems0SecretKeyRef: - r""" - DataKeySelector defines required spec to access a key of a configmap or secret - - Attributes - ---------- - key : str, default is Undefined, optional - key - name : str, default is Undefined, required - name - namespace : str, default is Undefined, required - namespace - optional : bool, default is Undefined, optional - optional - """ - - - key?: str - - name: str - - namespace: str - - optional?: bool - - -schema HelmCrossplaneIoV1beta1ReleaseSpecProviderConfigRef: - r""" - ProviderConfigReference specifies how the provider that will be used to - create, observe, update, and delete this managed resource should be - configured. - - Attributes - ---------- - name : str, default is Undefined, required - Name of the referenced object. - policy : HelmCrossplaneIoV1beta1ReleaseSpecProviderConfigRefPolicy, default is Undefined, optional - policy - """ - - - name: str - - policy?: HelmCrossplaneIoV1beta1ReleaseSpecProviderConfigRefPolicy - - -schema HelmCrossplaneIoV1beta1ReleaseSpecProviderConfigRefPolicy: - r""" - Policies for referencing. - - Attributes - ---------- - resolution : str, default is "Required", optional - Resolution specifies whether resolution of this reference is required. - The default is 'Required', which means the reconcile will fail if the - reference cannot be resolved. 'Optional' means this reference will be - a no-op if it cannot be resolved. - resolve : str, default is Undefined, optional - Resolve specifies when this reference should be resolved. The default - is 'IfNotPresent', which will attempt to resolve the reference only when - the corresponding field is not present. Use 'Always' to resolve the - reference on every reconcile. - """ - - - resolution?: "Required" | "Optional" = "Required" - - resolve?: "Always" | "IfNotPresent" - - -schema HelmCrossplaneIoV1beta1ReleaseSpecPublishConnectionDetailsTo: - r""" - PublishConnectionDetailsTo specifies the connection secret config which - contains a name, metadata and a reference to secret store config to - which any connection details for this managed resource should be written. - Connection details frequently include the endpoint, username, - and password required to connect to the managed resource. - - Attributes - ---------- - configRef : HelmCrossplaneIoV1beta1ReleaseSpecPublishConnectionDetailsToConfigRef, default is Undefined, optional - config ref - metadata : HelmCrossplaneIoV1beta1ReleaseSpecPublishConnectionDetailsToMetadata, default is Undefined, optional - metadata - name : str, default is Undefined, required - Name is the name of the connection secret. - """ - - - configRef?: HelmCrossplaneIoV1beta1ReleaseSpecPublishConnectionDetailsToConfigRef - - metadata?: HelmCrossplaneIoV1beta1ReleaseSpecPublishConnectionDetailsToMetadata - - name: str - - -schema HelmCrossplaneIoV1beta1ReleaseSpecPublishConnectionDetailsToConfigRef: - r""" - SecretStoreConfigRef specifies which secret store config should be used - for this ConnectionSecret. - - Attributes - ---------- - name : str, default is Undefined, required - Name of the referenced object. - policy : HelmCrossplaneIoV1beta1ReleaseSpecPublishConnectionDetailsToConfigRefPolicy, default is Undefined, optional - policy - """ - - - name: str - - policy?: HelmCrossplaneIoV1beta1ReleaseSpecPublishConnectionDetailsToConfigRefPolicy - - -schema HelmCrossplaneIoV1beta1ReleaseSpecPublishConnectionDetailsToConfigRefPolicy: - r""" - Policies for referencing. - - Attributes - ---------- - resolution : str, default is "Required", optional - Resolution specifies whether resolution of this reference is required. - The default is 'Required', which means the reconcile will fail if the - reference cannot be resolved. 'Optional' means this reference will be - a no-op if it cannot be resolved. - resolve : str, default is Undefined, optional - Resolve specifies when this reference should be resolved. The default - is 'IfNotPresent', which will attempt to resolve the reference only when - the corresponding field is not present. Use 'Always' to resolve the - reference on every reconcile. - """ - - - resolution?: "Required" | "Optional" = "Required" - - resolve?: "Always" | "IfNotPresent" - - -schema HelmCrossplaneIoV1beta1ReleaseSpecPublishConnectionDetailsToMetadata: - r""" - Metadata is the metadata for connection secret. - - Attributes - ---------- - annotations : {str:str}, default is Undefined, optional - Annotations are the annotations to be added to connection secret. - - For Kubernetes secrets, this will be used as "metadata.annotations". - - It is up to Secret Store implementation for others store types. - labels : {str:str}, default is Undefined, optional - Labels are the labels/tags to be added to connection secret. - - For Kubernetes secrets, this will be used as "metadata.labels". - - It is up to Secret Store implementation for others store types. - $type : str, default is Undefined, optional - Type is the SecretType for the connection secret. - - Only valid for Kubernetes Secret Stores. - """ - - - annotations?: {str:str} - - labels?: {str:str} - - $type?: str - - -schema HelmCrossplaneIoV1beta1ReleaseSpecWriteConnectionSecretToRef: - r""" - WriteConnectionSecretToReference specifies the namespace and name of a - Secret to which any connection details for this managed resource should - be written. Connection details frequently include the endpoint, username, - and password required to connect to the managed resource. - This field is planned to be replaced in a future release in favor of - PublishConnectionDetailsTo. Currently, both could be set independently - and connection details would be published to both without affecting - each other. - - Attributes - ---------- - name : str, default is Undefined, required - Name of the secret. - namespace : str, default is Undefined, required - Namespace of the secret. - """ - - - name: str - - namespace: str - - -schema HelmCrossplaneIoV1beta1ReleaseStatus: - r""" - A ReleaseStatus represents the observed state of a Release. - - Attributes - ---------- - atProvider : HelmCrossplaneIoV1beta1ReleaseStatusAtProvider, default is Undefined, optional - at provider - conditions : [HelmCrossplaneIoV1beta1ReleaseStatusConditionsItems0], default is Undefined, optional - Conditions of the resource. - failed : int, default is Undefined, optional - failed - observedGeneration : int, default is Undefined, optional - ObservedGeneration is the latest metadata.generation - which resulted in either a ready state, or stalled due to error - it can not recover from without human intervention. - patchesSha : str, default is Undefined, optional - patches sha - synced : bool, default is Undefined, optional - synced - """ - - - atProvider?: HelmCrossplaneIoV1beta1ReleaseStatusAtProvider - - conditions?: [HelmCrossplaneIoV1beta1ReleaseStatusConditionsItems0] - - failed?: int - - observedGeneration?: int - - patchesSha?: str - - synced?: bool - - -schema HelmCrossplaneIoV1beta1ReleaseStatusAtProvider: - r""" - ReleaseObservation are the observable fields of a Release. - - Attributes - ---------- - releaseDescription : str, default is Undefined, optional - release description - revision : int, default is Undefined, optional - revision - state : str, default is Undefined, optional - Status is the status of a release - """ - - - releaseDescription?: str - - revision?: int - - state?: str - - -schema HelmCrossplaneIoV1beta1ReleaseStatusConditionsItems0: - r""" - A Condition that may apply to a resource. - - Attributes - ---------- - lastTransitionTime : str, default is Undefined, required - LastTransitionTime is the last time this condition transitioned from one - status to another. - message : str, default is Undefined, optional - A Message containing details about this condition's last transition from - one status to another, if any. - observedGeneration : int, default is Undefined, optional - ObservedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - reason : str, default is Undefined, required - A Reason for this condition's last transition from one status to another. - status : str, default is Undefined, required - Status of this condition; is it currently True, False, or Unknown? - $type : str, default is Undefined, required - Type of this condition. At most one of each condition type may apply to - a resource at any point in time. - """ - - - lastTransitionTime: str - - message?: str - - observedGeneration?: int - - reason: str - - status: str - - $type: str - - diff --git a/crossplane/v1beta1/pkg_crossplane_io_v1beta1_deployment_runtime_config.k b/crossplane/v1beta1/pkg_crossplane_io_v1beta1_deployment_runtime_config.k index bb6d8e37..4bc57a52 100644 --- a/crossplane/v1beta1/pkg_crossplane_io_v1beta1_deployment_runtime_config.k +++ b/crossplane/v1beta1/pkg_crossplane_io_v1beta1_deployment_runtime_config.k @@ -358,7 +358,7 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe ephemeral container to an existing pod, use the pod's ephemeralcontainers subresource. hostAliases : [PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecHostAliasesItems0], default is Undefined, optional HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts - file if specified. This is only valid for non-hostNetwork pods. + file if specified. hostIPC : bool, default is Undefined, optional Use the host's ipc namespace. Optional: Default to false. @@ -473,13 +473,10 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe SchedulingGates can only be set at pod creation time, and be removed only afterwards. - - - This is a beta feature enabled by the PodSchedulingReadiness feature gate. securityContext : PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecSecurityContext, default is Undefined, optional security context serviceAccount : str, default is Undefined, optional - DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. + DeprecatedServiceAccount is a deprecated alias for ServiceAccountName. Deprecated: Use serviceAccountName instead. serviceAccountName : str, default is Undefined, optional ServiceAccountName is the name of the ServiceAccount to use to run this pod. @@ -600,7 +597,7 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe check: - all _, overhead in overhead {_regex_match(str(overhead), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if overhead } if overhead + all _, overhead in overhead { _regex_match(str(overhead), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if overhead } if overhead schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecAffinity: @@ -900,22 +897,22 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe matchLabelKeys : [str], default is Undefined, optional MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + The same key is forbidden to exist in both matchLabelKeys and labelSelector. + Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. mismatchLabelKeys : [str], default is Undefined, optional MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. namespaceSelector : PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector, default is Undefined, optional namespace selector @@ -1061,22 +1058,22 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe matchLabelKeys : [str], default is Undefined, optional MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + The same key is forbidden to exist in both matchLabelKeys and labelSelector. + Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. mismatchLabelKeys : [str], default is Undefined, optional MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. namespaceSelector : PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector, default is Undefined, optional namespace selector @@ -1268,22 +1265,22 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe matchLabelKeys : [str], default is Undefined, optional MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + The same key is forbidden to exist in both matchLabelKeys and labelSelector. + Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. mismatchLabelKeys : [str], default is Undefined, optional MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. namespaceSelector : PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionItems0PodAffinityTermNamespaceSelector, default is Undefined, optional namespace selector @@ -1429,22 +1426,22 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe matchLabelKeys : [str], default is Undefined, optional MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + The same key is forbidden to exist in both matchLabelKeys and labelSelector. + Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. mismatchLabelKeys : [str], default is Undefined, optional MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the - incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. - The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. namespaceSelector : PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionItems0NamespaceSelector, default is Undefined, optional namespace selector @@ -2718,8 +2715,8 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe check: - all _, limits in limits {_regex_match(str(limits), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if limits } if limits - all _, requests in requests {_regex_match(str(requests), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if requests } if requests + all _, limits in limits { _regex_match(str(limits), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if limits } if limits + all _, requests in requests { _regex_match(str(requests), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if requests } if requests schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecContainersItems0ResourcesClaimsItems0: @@ -2754,6 +2751,8 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. + appArmorProfile : PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecContainersItems0SecurityContextAppArmorProfile, default is Undefined, optional + app armor profile capabilities : PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecContainersItems0SecurityContextCapabilities, default is Undefined, optional capabilities privileged : bool, default is Undefined, optional @@ -2801,6 +2800,8 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe allowPrivilegeEscalation?: bool + appArmorProfile?: PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecContainersItems0SecurityContextAppArmorProfile + capabilities?: PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecContainersItems0SecurityContextCapabilities privileged?: bool @@ -2822,6 +2823,33 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe windowsOptions?: PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecContainersItems0SecurityContextWindowsOptions +schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecContainersItems0SecurityContextAppArmorProfile: + r""" + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + + Attributes + ---------- + localhostProfile : str, default is Undefined, optional + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + $type : str, default is Undefined, required + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + """ + + + localhostProfile?: str + + $type: str + + schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecContainersItems0SecurityContextCapabilities: r""" The capabilities to add/drop when running containers. @@ -3155,11 +3183,34 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). name : str, default is Undefined, required This must match the Name of a Volume. readOnly : bool, default is Undefined, optional Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. + recursiveReadOnly : str, default is Undefined, optional + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + + If ReadOnly is false, this field has no meaning and must be unspecified. + + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + + If this field is not specified, it is treated as an equivalent of Disabled. subPath : str, default is Undefined, optional Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). @@ -3179,6 +3230,8 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe readOnly?: bool + recursiveReadOnly?: str + subPath?: str subPathExpr?: str @@ -4367,8 +4420,8 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe check: - all _, limits in limits {_regex_match(str(limits), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if limits } if limits - all _, requests in requests {_regex_match(str(requests), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if requests } if requests + all _, limits in limits { _regex_match(str(limits), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if limits } if limits + all _, requests in requests { _regex_match(str(requests), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if requests } if requests schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecEphemeralContainersItems0ResourcesClaimsItems0: @@ -4402,6 +4455,8 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. + appArmorProfile : PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecEphemeralContainersItems0SecurityContextAppArmorProfile, default is Undefined, optional + app armor profile capabilities : PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecEphemeralContainersItems0SecurityContextCapabilities, default is Undefined, optional capabilities privileged : bool, default is Undefined, optional @@ -4449,6 +4504,8 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe allowPrivilegeEscalation?: bool + appArmorProfile?: PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecEphemeralContainersItems0SecurityContextAppArmorProfile + capabilities?: PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecEphemeralContainersItems0SecurityContextCapabilities privileged?: bool @@ -4470,6 +4527,33 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe windowsOptions?: PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecEphemeralContainersItems0SecurityContextWindowsOptions +schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecEphemeralContainersItems0SecurityContextAppArmorProfile: + r""" + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + + Attributes + ---------- + localhostProfile : str, default is Undefined, optional + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + $type : str, default is Undefined, required + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + """ + + + localhostProfile?: str + + $type: str + + schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecEphemeralContainersItems0SecurityContextCapabilities: r""" The capabilities to add/drop when running containers. @@ -4797,11 +4881,34 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). name : str, default is Undefined, required This must match the Name of a Volume. readOnly : bool, default is Undefined, optional Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. + recursiveReadOnly : str, default is Undefined, optional + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + + If ReadOnly is false, this field has no meaning and must be unspecified. + + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + + If this field is not specified, it is treated as an equivalent of Disabled. subPath : str, default is Undefined, optional Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). @@ -4821,6 +4928,8 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe readOnly?: bool + recursiveReadOnly?: str + subPath?: str subPathExpr?: str @@ -4835,14 +4944,14 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe ---------- hostnames : [str], default is Undefined, optional Hostnames for the above IP address. - ip : str, default is Undefined, optional + ip : str, default is Undefined, required IP address of the host file entry. """ hostnames?: [str] - ip?: str + ip: str schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecImagePullSecretsItems0: @@ -4852,14 +4961,14 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe Attributes ---------- - name : str, default is Undefined, optional + name : str, default is Undefined, required Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? """ - name?: str + name: str schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecInitContainersItems0: @@ -6006,8 +6115,8 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe check: - all _, limits in limits {_regex_match(str(limits), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if limits } if limits - all _, requests in requests {_regex_match(str(requests), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if requests } if requests + all _, limits in limits { _regex_match(str(limits), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if limits } if limits + all _, requests in requests { _regex_match(str(requests), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if requests } if requests schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecInitContainersItems0ResourcesClaimsItems0: @@ -6042,6 +6151,8 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows. + appArmorProfile : PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecInitContainersItems0SecurityContextAppArmorProfile, default is Undefined, optional + app armor profile capabilities : PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecInitContainersItems0SecurityContextCapabilities, default is Undefined, optional capabilities privileged : bool, default is Undefined, optional @@ -6089,6 +6200,8 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe allowPrivilegeEscalation?: bool + appArmorProfile?: PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecInitContainersItems0SecurityContextAppArmorProfile + capabilities?: PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecInitContainersItems0SecurityContextCapabilities privileged?: bool @@ -6110,6 +6223,33 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe windowsOptions?: PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecInitContainersItems0SecurityContextWindowsOptions +schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecInitContainersItems0SecurityContextAppArmorProfile: + r""" + appArmorProfile is the AppArmor options to use by this container. If set, this profile + overrides the pod's appArmorProfile. + Note that this field cannot be set when spec.os.name is windows. + + Attributes + ---------- + localhostProfile : str, default is Undefined, optional + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + $type : str, default is Undefined, required + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + """ + + + localhostProfile?: str + + $type: str + + schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecInitContainersItems0SecurityContextCapabilities: r""" The capabilities to add/drop when running containers. @@ -6443,11 +6583,34 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. + When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + (which defaults to None). name : str, default is Undefined, required This must match the Name of a Volume. readOnly : bool, default is Undefined, optional Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. + recursiveReadOnly : str, default is Undefined, optional + RecursiveReadOnly specifies whether read-only mounts should be handled + recursively. + + + If ReadOnly is false, this field has no meaning and must be unspecified. + + + If ReadOnly is true, and this field is set to Disabled, the mount is not made + recursively read-only. If this field is set to IfPossible, the mount is made + recursively read-only, if it is supported by the container runtime. If this + field is set to Enabled, the mount is made recursively read-only if it is + supported by the container runtime, otherwise the pod will not be started and + an error will be generated to indicate the reason. + + + If this field is set to IfPossible or Enabled, MountPropagation must be set to + None (or be unspecified, which defaults to None). + + + If this field is not specified, it is treated as an equivalent of Disabled. subPath : str, default is Undefined, optional Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). @@ -6467,6 +6630,8 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe readOnly?: bool + recursiveReadOnly?: str + subPath?: str subPathExpr?: str @@ -6486,6 +6651,7 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe - spec.hostPID - spec.hostIPC - spec.hostUsers + - spec.securityContext.appArmorProfile - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup @@ -6495,6 +6661,7 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups + - spec.containers[*].securityContext.appArmorProfile - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities @@ -6607,6 +6774,8 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe Attributes ---------- + appArmorProfile : PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecSecurityContextAppArmorProfile, default is Undefined, optional + app armor profile fsGroup : int, default is Undefined, optional A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume @@ -6670,6 +6839,8 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe """ + appArmorProfile?: PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecSecurityContextAppArmorProfile + fsGroup?: int fsGroupChangePolicy?: str @@ -6691,6 +6862,32 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe windowsOptions?: PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecSecurityContextWindowsOptions +schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecSecurityContextAppArmorProfile: + r""" + appArmorProfile is the AppArmor options to use by the containers in this pod. + Note that this field cannot be set when spec.os.name is windows. + + Attributes + ---------- + localhostProfile : str, default is Undefined, optional + localhostProfile indicates a profile loaded on the node that should be used. + The profile must be preconfigured on the node to work. + Must match the loaded name of the profile. + Must be set if and only if type is "Localhost". + $type : str, default is Undefined, required + type indicates which kind of AppArmor profile will be applied. + Valid options are: + Localhost - a profile pre-loaded on the node. + RuntimeDefault - the container runtime's default profile. + Unconfined - no AppArmor enforcement. + """ + + + localhostProfile?: str + + $type: str + + schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecSecurityContextSeLinuxOptions: r""" The SELinux context to be applied to all containers. @@ -6904,9 +7101,6 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. - - - This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). nodeAffinityPolicy : str, default is Undefined, optional NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: @@ -7543,7 +7737,7 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecVolumesItems0DownwardAPIItemsItems0FieldRef: r""" - Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. Attributes ---------- @@ -7765,7 +7959,7 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. volumeMode : str, default is Undefined, optional volumeMode defines what type of volume is required by the claim. @@ -7904,8 +8098,8 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe check: - all _, limits in limits {_regex_match(str(limits), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if limits } if limits - all _, requests in requests {_regex_match(str(requests), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if requests } if requests + all _, limits in limits { _regex_match(str(limits), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if limits } if limits + all _, requests in requests { _regex_match(str(requests), r"^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$") if requests } if requests schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecVolumesItems0EphemeralVolumeClaimTemplateSpecSelector: @@ -8624,7 +8818,7 @@ schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTe schema PkgCrossplaneIoV1beta1DeploymentRuntimeConfigSpecDeploymentTemplateSpecTemplateSpecVolumesItems0ProjectedSourcesItems0DownwardAPIItemsItems0FieldRef: r""" - Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. Attributes ---------- diff --git a/scripts/helm_to_kcl.sh b/scripts/helm_to_kcl.sh new file mode 100755 index 00000000..290a6875 --- /dev/null +++ b/scripts/helm_to_kcl.sh @@ -0,0 +1,69 @@ +#!/bin/bash +# TODO: Make this take a normal helm package name and repo location. This +# script tries to avoid changing any local state, like your helm repository +# list. To do this with helm, you to link to the tgz of the helm package +# itself. +if [ "$#" -lt 2 ] || [ "$#" -gt 3 ]; then + echo "Usage: $0 " + exit 1 +fi + +REPO_URL="$1" +REPO="$2" +VER="$3" + +get_crds_helm_install() { + # TODO: generalize this. should be able to install dependencies first, let + # those start, then use the crds generated before and after to determine + # the CRDs associated with this specific package. + kube_config=$(mktemp) + kind create cluster -n "kcl-module-gen-$REPO" --kubeconfig $kube_config + helm install "$REPO" "--kubeconfig=$kube_config" --namespace kcl-module "$REPO_URL" --create-namespace --wait + # obviously should be kcl -- couldn't figure out how to read std in kcl + KUBECONFIG=$kube_config kubectl get crds -oyaml | python3 -c 'import sys;import yaml;a=yaml.safe_load(sys.stdin);print("---\n");print("---\n".join([yaml.dump(i) for i in a["items"]]))' > "crds/$REPO.yaml" + kind delete cluster -n "kcl-module-gen-$REPO" + rm -f $kube_config +} + +export KCL_FAST_EVAL=1 + +# Init the kcl module +# TODO: this doesn't update the version if the kmod file already exists. +if [ -z "$VER" ]; then + kcl mod init $REPO +else + kcl mod init $REPO --version $VER +fi + +cd $REPO + +# Get the Kubernetes CRD files +mkdir -p crds +get_crds_helm_install + +# Import Kubernetes CRD to KCL files +kcl import -m crd -s ./crds/** + +# Add the k8s dependency +kcl mod add k8s + +rm -rf main.k models/{k8s,kcl.mod} + +# Check KCL runs +for version_dir in models/*/; do + if [ $(basename $version_dir) == "unknown" ]; then + rm -rf $version_dir + continue + fi + echo "Contents of '$version_dir':" + kcl run $version_dir + rm -rf "$(basename $version_dir)" + mv $version_dir . +done +echo "Files have been listed by version." + +rmdir models || exit 1 + + +kcl doc generate +mv ./docs/*.md README.md