diff --git a/Dockerfile.atc b/Dockerfile.atc index f9288b4..ab30a1e 100644 --- a/Dockerfile.atc +++ b/Dockerfile.atc @@ -1,4 +1,4 @@ -FROM golang:1.23-alpine AS builder +FROM golang:1.24-alpine AS builder WORKDIR /app diff --git a/Dockerfile.yokecd b/Dockerfile.yokecd index be06b70..2b5da5c 100644 --- a/Dockerfile.yokecd +++ b/Dockerfile.yokecd @@ -1,4 +1,4 @@ -FROM golang:1.23-alpine +FROM golang:1.24-alpine WORKDIR /cmp diff --git a/Taskfile.yml b/Taskfile.yml index de4f11c..c51b7fb 100644 --- a/Taskfile.yml +++ b/Taskfile.yml @@ -46,12 +46,12 @@ tasks: kube: cmds: - - GOOS=wasip1 GOARCH=wasm go build -o kube.wasm ./cmd/examples/kube + - GOOS=wasip1 GOARCH=wasm go build -o basic.wasm ./examples/basic pg: cmds: - - GOOS=wasip1 GOARCH=wasm go build -o pg.wasm ./cmd/examples/pg + - GOOS=wasip1 GOARCH=wasm go build -o pg.wasm ./examples/embeddedfs redis: cmds: - - GOOS=wasip1 GOARCH=wasm go build -o redis.wasm ./cmd/examples/redis + - GOOS=wasip1 GOARCH=wasm go build -o redis.wasm ./examples/redis diff --git a/cmd/atc-installer/installer/run.go b/cmd/atc-installer/installer/run.go index 8a15c74..b674726 100644 --- a/cmd/atc-installer/installer/run.go +++ b/cmd/atc-installer/installer/run.go @@ -5,6 +5,7 @@ import ( "crypto/sha1" "encoding/hex" "encoding/json" + "errors" "fmt" "maps" "os" @@ -23,6 +24,7 @@ import ( "github.com/yokecd/yoke/pkg/apis/airway/v1alpha1" "github.com/yokecd/yoke/pkg/flight" + "github.com/yokecd/yoke/pkg/flight/wasi/k8s" "github.com/yokecd/yoke/pkg/openapi" ) @@ -34,6 +36,7 @@ type Config struct { Port int `json:"port"` ServiceAccountName string `json:"serviceAccountName"` ImagePullPolicy corev1.PullPolicy `json:"ImagePullPolicy"` + GenerateTLS bool `json:"generateTLS"` } var ( @@ -140,7 +143,34 @@ func Run(cfg Config) error { }, } - tls, err := NewTLS(svc) + const ( + keyRootCA = "ca.crt" + keyServerCert = "server.crt" + keyServerKey = "server.key" + ) + + tls, err := func() (*TLS, error) { + if cfg.GenerateTLS { + return NewTLS(svc) + } + secret, err := k8s.Lookup[corev1.Secret](k8s.ResourceIdentifier{ + Name: flight.Release() + "-tls", + Namespace: flight.Namespace(), + Kind: "Secret", + ApiVersion: "v1", + }) + if err != nil && !k8s.IsErrNotFound(err) && !errors.Is(err, k8s.ErrorClusterAccessNotGranted) { + return nil, fmt.Errorf("failed to lookup tls secret: %T: %v", err, err) + } + if secret != nil { + return &TLS{ + RootCA: secret.Data[keyRootCA], + ServerCert: secret.Data[keyServerCert], + ServerKey: secret.Data[keyServerKey], + }, nil + } + return NewTLS(svc) + }() if err != nil { return err } @@ -155,9 +185,9 @@ func Run(cfg Config) error { Namespace: flight.Namespace(), }, Data: map[string][]byte{ - "ca.crt": tls.RootCA, - "server.crt": tls.ServerCert, - "server.key": tls.ServerKey, + keyRootCA: tls.RootCA, + keyServerCert: tls.ServerCert, + keyServerKey: tls.ServerKey, }, } diff --git a/cmd/atc/internal/testing/Dockerfile.wasmcache b/cmd/atc/internal/testing/Dockerfile.wasmcache index b67711b..e0dc4b5 100644 --- a/cmd/atc/internal/testing/Dockerfile.wasmcache +++ b/cmd/atc/internal/testing/Dockerfile.wasmcache @@ -1,4 +1,4 @@ -FROM golang:1.23-alpine AS builder +FROM golang:1.24-alpine AS builder WORKDIR /app diff --git a/cmd/atc/main_test.go b/cmd/atc/main_test.go index 0592bc5..c626a01 100644 --- a/cmd/atc/main_test.go +++ b/cmd/atc/main_test.go @@ -382,16 +382,14 @@ func TestAirTrafficController(t *testing.T) { "failed to detect new Backend version", ) - // ALthough we create a v1 version we will be able to fetch it as a v2 version. + // Although we create a v1 version we will be able to fetch it as a v2 version. require.NoError( t, commander.Takeoff(ctx, yoke.TakeoffParams{ Release: "c4ts", Flight: yoke.FlightParams{ Input: testutils.JsonReader(backendv1.Backend{ - ObjectMeta: metav1.ObjectMeta{ - Name: "c4ts", - }, + ObjectMeta: metav1.ObjectMeta{Name: "c4ts"}, Spec: backendv1.BackendSpec{ Image: "yokecd/c4ts:test", Replicas: 1, diff --git a/cmd/examples/argocd/install.yaml b/cmd/examples/argocd/install.yaml deleted file mode 100644 index 3487617..0000000 --- a/cmd/examples/argocd/install.yaml +++ /dev/null @@ -1,22854 +0,0 @@ -# This is an auto-generated file. DO NOT EDIT -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app.kubernetes.io/name: applications.argoproj.io - app.kubernetes.io/part-of: argocd - name: applications.argoproj.io -spec: - group: argoproj.io - names: - kind: Application - listKind: ApplicationList - plural: applications - shortNames: - - app - - apps - singular: application - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .status.sync.status - name: Sync Status - type: string - - jsonPath: .status.health.status - name: Health Status - type: string - - jsonPath: .status.sync.revision - name: Revision - priority: 10 - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Application is a definition of Application resource. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - operation: - description: Operation contains information about a requested or running - operation - properties: - info: - description: Info is a list of informational items for this operation - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - initiatedBy: - description: InitiatedBy contains information about who initiated - the operations - properties: - automated: - description: Automated is set to true if operation was initiated - automatically by the application controller. - type: boolean - username: - description: Username contains the name of a user who started - operation - type: string - type: object - retry: - description: Retry controls the strategy to apply if a sync fails - properties: - backoff: - description: Backoff controls how to backoff on subsequent retries - of failed syncs - properties: - duration: - description: Duration is the amount to back off. Default unit - is seconds, but could also be a duration (e.g. "2m", "1h") - type: string - factor: - description: Factor is a factor to multiply the base duration - after each failed retry - format: int64 - type: integer - maxDuration: - description: MaxDuration is the maximum amount of time allowed - for the backoff strategy - type: string - type: object - limit: - description: Limit is the maximum number of attempts for retrying - a failed sync. If set to 0, no retries will be performed. - format: int64 - type: integer - type: object - sync: - description: Sync contains parameters for the operation - properties: - dryRun: - description: DryRun specifies to perform a `kubectl apply --dry-run` - without actually performing the sync - type: boolean - manifests: - description: Manifests is an optional field that overrides sync - source with a local directory for development - items: - type: string - type: array - prune: - description: Prune specifies to delete resources from the cluster - that are no longer tracked in git - type: boolean - resources: - description: Resources describes which resources shall be part - of the sync - items: - description: SyncOperationResource contains resources to sync. - properties: - group: - type: string - kind: - type: string - name: - type: string - namespace: - type: string - required: - - kind - - name - type: object - type: array - revision: - description: Revision is the revision (Git) or chart version (Helm) - which to sync the application to If omitted, will use the revision - specified in app spec. - type: string - revisions: - description: Revisions is the list of revision (Git) or chart - version (Helm) which to sync each source in sources field for - the application to If omitted, will use the revision specified - in app spec. - items: - type: string - type: array - source: - description: Source overrides the source definition set in the - application. This is typically set in a Rollback operation and - is nil during a Sync operation - properties: - chart: - description: Chart is a Helm chart name, and must be specified - for applications sourced from a Helm repo. - type: string - directory: - description: Directory holds path/directory specific options - properties: - exclude: - description: Exclude contains a glob pattern to match - paths against that should be explicitly excluded from - being used during manifest generation - type: string - include: - description: Include contains a glob pattern to match - paths against that should be explicitly included during - manifest generation - type: string - jsonnet: - description: Jsonnet holds options specific to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet External - Variables - items: - description: JsonnetVar represents a variable to - be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level Arguments - items: - description: JsonnetVar represents a variable to - be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan a directory - recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - fileParameters: - description: FileParameters are file parameters to the - helm template - items: - description: HelmFileParameter is a file parameter that's - passed to helm template during manifest generation - properties: - name: - description: Name is the name of the Helm parameter - type: string - path: - description: Path is the path to the file containing - the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm template - from failing when valueFiles do not exist locally by - not appending them to helm template --values - type: boolean - parameters: - description: Parameters is a list of Helm parameters which - are passed to the helm template command upon manifest - generation - items: - description: HelmParameter is a parameter that's passed - to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether to tell - Helm to interpret booleans and numbers as strings - type: boolean - name: - description: Name is the name of the Helm parameter - type: string - value: - description: Value is the value for the Helm parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials to all domains - (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name to use. - If omitted it will use the application name - type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value files - to use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be passed - to helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values to be - passed to helm template, defined as a map. This takes - precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use for templating - ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional - annotations to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies whether - to apply env variables substitution for annotation values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional labels - to add to rendered manifests - type: object - components: - description: Components specifies a list of kustomize - components to add to the kustomization before building - items: - type: string - type: array - forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether - to force applying common annotations to resources for - Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether to force - applying common labels to resources for Kustomize apps - type: boolean - images: - description: Images is a list of Kustomize image override - specifications - items: - description: KustomizeImage represents a Kustomize image - definition in the format [old_image_name=]: - type: string - type: array - namePrefix: - description: NamePrefix is a prefix appended to resources - for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to resources - for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that Kustomize - adds to all resources - type: string - patches: - description: Patches is a list of Kustomize patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize Replicas - override specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of Kustomize - to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git repository, - and is only valid for applications sourced from Git. - type: string - plugin: - description: Plugin holds config management plugin specific - options - properties: - env: - description: Env is a list of environment variable entries - items: - description: EnvEntry represents an entry in the application's - environment - properties: - name: - description: Name is the name of the variable, usually - expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array type - parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type parameter. - type: object - name: - description: Name is the name identifying a parameter. - type: string - string: - description: String_ is the value of a string type - parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within sources - field. This field will not be used if used with a `source` - tag. - type: string - repoURL: - description: RepoURL is the URL to the repository (Git or - Helm) that contains the application manifests - type: string - targetRevision: - description: TargetRevision defines the revision of the source - to sync the application to. In case of Git, this can be - commit, tag, or branch. If omitted, will equal to HEAD. - In case of Helm, this is a semver tag for the Chart's version. - type: string - required: - - repoURL - type: object - sources: - description: Sources overrides the source definition set in the - application. This is typically set in a Rollback operation and - is nil during a Sync operation - items: - description: ApplicationSource contains all required information - about the source of an application - properties: - chart: - description: Chart is a Helm chart name, and must be specified - for applications sourced from a Helm repo. - type: string - directory: - description: Directory holds path/directory specific options - properties: - exclude: - description: Exclude contains a glob pattern to match - paths against that should be explicitly excluded from - being used during manifest generation - type: string - include: - description: Include contains a glob pattern to match - paths against that should be explicitly included during - manifest generation - type: string - jsonnet: - description: Jsonnet holds options specific to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet External - Variables - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan a directory - recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - fileParameters: - description: FileParameters are file parameters to the - helm template - items: - description: HelmFileParameter is a file parameter - that's passed to helm template during manifest generation - properties: - name: - description: Name is the name of the Helm parameter - type: string - path: - description: Path is the path to the file containing - the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm template - from failing when valueFiles do not exist locally - by not appending them to helm template --values - type: boolean - parameters: - description: Parameters is a list of Helm parameters - which are passed to the helm template command upon - manifest generation - items: - description: HelmParameter is a parameter that's passed - to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether to - tell Helm to interpret booleans and numbers - as strings - type: boolean - name: - description: Name is the name of the Helm parameter - type: string - value: - description: Value is the value for the Helm parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials to all - domains (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name to - use. If omitted it will use the application name - type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value files - to use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be passed - to helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values to be - passed to helm template, defined as a map. This takes - precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use for - templating ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional - annotations to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies whether - to apply env variables substitution for annotation - values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional labels - to add to rendered manifests - type: object - components: - description: Components specifies a list of kustomize - components to add to the kustomization before building - items: - type: string - type: array - forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether - to force applying common annotations to resources - for Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether to - force applying common labels to resources for Kustomize - apps - type: boolean - images: - description: Images is a list of Kustomize image override - specifications - items: - description: KustomizeImage represents a Kustomize - image definition in the format [old_image_name=]: - type: string - type: array - namePrefix: - description: NamePrefix is a prefix appended to resources - for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to resources - for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that Kustomize - adds to all resources - type: string - patches: - description: Patches is a list of Kustomize patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize Replicas - override specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of Kustomize - to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git repository, - and is only valid for applications sourced from Git. - type: string - plugin: - description: Plugin holds config management plugin specific - options - properties: - env: - description: Env is a list of environment variable entries - items: - description: EnvEntry represents an entry in the application's - environment - properties: - name: - description: Name is the name of the variable, - usually expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array type - parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type parameter. - type: object - name: - description: Name is the name identifying a parameter. - type: string - string: - description: String_ is the value of a string - type parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within sources - field. This field will not be used if used with a `source` - tag. - type: string - repoURL: - description: RepoURL is the URL to the repository (Git or - Helm) that contains the application manifests - type: string - targetRevision: - description: TargetRevision defines the revision of the - source to sync the application to. In case of Git, this - can be commit, tag, or branch. If omitted, will equal - to HEAD. In case of Helm, this is a semver tag for the - Chart's version. - type: string - required: - - repoURL - type: object - type: array - syncOptions: - description: SyncOptions provide per-sync sync-options, e.g. Validate=false - items: - type: string - type: array - syncStrategy: - description: SyncStrategy describes how to perform the sync - properties: - apply: - description: Apply will perform a `kubectl apply` to perform - the sync. - properties: - force: - description: Force indicates whether or not to supply - the --force flag to `kubectl apply`. The --force flag - deletes and re-create the resource, when PATCH encounters - conflict and has retried for 5 times. - type: boolean - type: object - hook: - description: Hook will submit any referenced resources to - perform the sync. This is the default strategy - properties: - force: - description: Force indicates whether or not to supply - the --force flag to `kubectl apply`. The --force flag - deletes and re-create the resource, when PATCH encounters - conflict and has retried for 5 times. - type: boolean - type: object - type: object - type: object - type: object - spec: - description: ApplicationSpec represents desired application state. Contains - link to repository with application definition and additional parameters - link definition revision. - properties: - destination: - description: Destination is a reference to the target Kubernetes server - and namespace - properties: - name: - description: Name is an alternate way of specifying the target - cluster by its symbolic name. This must be set if Server is - not set. - type: string - namespace: - description: Namespace specifies the target namespace for the - application's resources. The namespace will only be set for - namespace-scoped resources that have not set a value for .metadata.namespace - type: string - server: - description: Server specifies the URL of the target cluster's - Kubernetes control plane API. This must be set if Name is not - set. - type: string - type: object - ignoreDifferences: - description: IgnoreDifferences is a list of resources and their fields - which should be ignored during comparison - items: - description: ResourceIgnoreDifferences contains resource filter - and list of json paths which should be ignored during comparison - with live state. - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - description: ManagedFieldsManagers is a list of trusted managers. - Fields mutated by those managers will take precedence over - the desired state defined in the SCM and won't be displayed - in diffs - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - description: Info contains a list of information (URLs, email addresses, - and plain text) that relates to the application - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - description: Project is a reference to the project this application - belongs to. The empty string means that application belongs to the - 'default' project. - type: string - revisionHistoryLimit: - description: RevisionHistoryLimit limits the number of items kept - in the application's revision history, which is used for informational - purposes as well as for rollbacks to previous versions. This should - only be changed in exceptional circumstances. Setting to zero will - store no history. This will reduce storage used. Increasing will - increase the space used to store the history, so we do not recommend - increasing it. Default is 10. - format: int64 - type: integer - source: - description: Source is a reference to the location of the application's - manifests or chart - properties: - chart: - description: Chart is a Helm chart name, and must be specified - for applications sourced from a Helm repo. - type: string - directory: - description: Directory holds path/directory specific options - properties: - exclude: - description: Exclude contains a glob pattern to match paths - against that should be explicitly excluded from being used - during manifest generation - type: string - include: - description: Include contains a glob pattern to match paths - against that should be explicitly included during manifest - generation - type: string - jsonnet: - description: Jsonnet holds options specific to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet External Variables - items: - description: JsonnetVar represents a variable to be - passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level Arguments - items: - description: JsonnetVar represents a variable to be - passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan a directory - recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - fileParameters: - description: FileParameters are file parameters to the helm - template - items: - description: HelmFileParameter is a file parameter that's - passed to helm template during manifest generation - properties: - name: - description: Name is the name of the Helm parameter - type: string - path: - description: Path is the path to the file containing - the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm template - from failing when valueFiles do not exist locally by not - appending them to helm template --values - type: boolean - parameters: - description: Parameters is a list of Helm parameters which - are passed to the helm template command upon manifest generation - items: - description: HelmParameter is a parameter that's passed - to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether to tell - Helm to interpret booleans and numbers as strings - type: boolean - name: - description: Name is the name of the Helm parameter - type: string - value: - description: Value is the value for the Helm parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials to all domains - (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name to use. - If omitted it will use the application name - type: string - skipCrds: - description: SkipCrds skips custom resource definition installation - step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value files to - use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be passed to - helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values to be passed - to helm template, defined as a map. This takes precedence - over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use for templating - ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional annotations - to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies whether to - apply env variables substitution for annotation values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional labels to - add to rendered manifests - type: object - components: - description: Components specifies a list of kustomize components - to add to the kustomization before building - items: - type: string - type: array - forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether to force - applying common annotations to resources for Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether to force - applying common labels to resources for Kustomize apps - type: boolean - images: - description: Images is a list of Kustomize image override - specifications - items: - description: KustomizeImage represents a Kustomize image - definition in the format [old_image_name=]: - type: string - type: array - namePrefix: - description: NamePrefix is a prefix appended to resources - for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to resources - for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that Kustomize adds - to all resources - type: string - patches: - description: Patches is a list of Kustomize patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize Replicas override - specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of Kustomize to - use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git repository, - and is only valid for applications sourced from Git. - type: string - plugin: - description: Plugin holds config management plugin specific options - properties: - env: - description: Env is a list of environment variable entries - items: - description: EnvEntry represents an entry in the application's - environment - properties: - name: - description: Name is the name of the variable, usually - expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array type parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type parameter. - type: object - name: - description: Name is the name identifying a parameter. - type: string - string: - description: String_ is the value of a string type parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within sources - field. This field will not be used if used with a `source` tag. - type: string - repoURL: - description: RepoURL is the URL to the repository (Git or Helm) - that contains the application manifests - type: string - targetRevision: - description: TargetRevision defines the revision of the source - to sync the application to. In case of Git, this can be commit, - tag, or branch. If omitted, will equal to HEAD. In case of Helm, - this is a semver tag for the Chart's version. - type: string - required: - - repoURL - type: object - sources: - description: Sources is a reference to the location of the application's - manifests or chart - items: - description: ApplicationSource contains all required information - about the source of an application - properties: - chart: - description: Chart is a Helm chart name, and must be specified - for applications sourced from a Helm repo. - type: string - directory: - description: Directory holds path/directory specific options - properties: - exclude: - description: Exclude contains a glob pattern to match paths - against that should be explicitly excluded from being - used during manifest generation - type: string - include: - description: Include contains a glob pattern to match paths - against that should be explicitly included during manifest - generation - type: string - jsonnet: - description: Jsonnet holds options specific to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet External Variables - items: - description: JsonnetVar represents a variable to be - passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level Arguments - items: - description: JsonnetVar represents a variable to be - passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan a directory - recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - fileParameters: - description: FileParameters are file parameters to the helm - template - items: - description: HelmFileParameter is a file parameter that's - passed to helm template during manifest generation - properties: - name: - description: Name is the name of the Helm parameter - type: string - path: - description: Path is the path to the file containing - the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm template - from failing when valueFiles do not exist locally by not - appending them to helm template --values - type: boolean - parameters: - description: Parameters is a list of Helm parameters which - are passed to the helm template command upon manifest - generation - items: - description: HelmParameter is a parameter that's passed - to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether to tell - Helm to interpret booleans and numbers as strings - type: boolean - name: - description: Name is the name of the Helm parameter - type: string - value: - description: Value is the value for the Helm parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials to all domains - (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name to use. - If omitted it will use the application name - type: string - skipCrds: - description: SkipCrds skips custom resource definition installation - step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value files to - use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be passed to - helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values to be passed - to helm template, defined as a map. This takes precedence - over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use for templating - ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional annotations - to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies whether - to apply env variables substitution for annotation values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional labels - to add to rendered manifests - type: object - components: - description: Components specifies a list of kustomize components - to add to the kustomization before building - items: - type: string - type: array - forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether to - force applying common annotations to resources for Kustomize - apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether to force - applying common labels to resources for Kustomize apps - type: boolean - images: - description: Images is a list of Kustomize image override - specifications - items: - description: KustomizeImage represents a Kustomize image - definition in the format [old_image_name=]: - type: string - type: array - namePrefix: - description: NamePrefix is a prefix appended to resources - for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to resources - for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that Kustomize - adds to all resources - type: string - patches: - description: Patches is a list of Kustomize patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize Replicas override - specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of Kustomize - to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git repository, - and is only valid for applications sourced from Git. - type: string - plugin: - description: Plugin holds config management plugin specific - options - properties: - env: - description: Env is a list of environment variable entries - items: - description: EnvEntry represents an entry in the application's - environment - properties: - name: - description: Name is the name of the variable, usually - expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array type parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type parameter. - type: object - name: - description: Name is the name identifying a parameter. - type: string - string: - description: String_ is the value of a string type - parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within sources - field. This field will not be used if used with a `source` - tag. - type: string - repoURL: - description: RepoURL is the URL to the repository (Git or Helm) - that contains the application manifests - type: string - targetRevision: - description: TargetRevision defines the revision of the source - to sync the application to. In case of Git, this can be commit, - tag, or branch. If omitted, will equal to HEAD. In case of - Helm, this is a semver tag for the Chart's version. - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - description: SyncPolicy controls when and how a sync will be performed - properties: - automated: - description: Automated will keep an application synced to the - target revision - properties: - allowEmpty: - description: 'AllowEmpty allows apps have zero live resources - (default: false)' - type: boolean - prune: - description: 'Prune specifies whether to delete resources - from the cluster that are not found in the sources anymore - as part of automated sync (default: false)' - type: boolean - selfHeal: - description: 'SelfHeal specifies whether to revert resources - back to their desired state upon modification in the cluster - (default: false)' - type: boolean - type: object - managedNamespaceMetadata: - description: ManagedNamespaceMetadata controls metadata in the - given namespace (if CreateNamespace=true) - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - description: Retry controls failed sync retry behavior - properties: - backoff: - description: Backoff controls how to backoff on subsequent - retries of failed syncs - properties: - duration: - description: Duration is the amount to back off. Default - unit is seconds, but could also be a duration (e.g. - "2m", "1h") - type: string - factor: - description: Factor is a factor to multiply the base duration - after each failed retry - format: int64 - type: integer - maxDuration: - description: MaxDuration is the maximum amount of time - allowed for the backoff strategy - type: string - type: object - limit: - description: Limit is the maximum number of attempts for retrying - a failed sync. If set to 0, no retries will be performed. - format: int64 - type: integer - type: object - syncOptions: - description: Options allow you to specify whole app sync-options - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - status: - description: ApplicationStatus contains status information for the application - properties: - conditions: - description: Conditions is a list of currently observed application - conditions - items: - description: ApplicationCondition contains details about an application - condition, which is usually an error or warning - properties: - lastTransitionTime: - description: LastTransitionTime is the time the condition was - last observed - format: date-time - type: string - message: - description: Message contains human-readable message indicating - details about condition - type: string - type: - description: Type is an application condition type - type: string - required: - - message - - type - type: object - type: array - controllerNamespace: - description: ControllerNamespace indicates the namespace in which - the application controller is located - type: string - health: - description: Health contains information about the application's current - health status - properties: - message: - description: Message is a human-readable informational message - describing the health status - type: string - status: - description: Status holds the status code of the application or - resource - type: string - type: object - history: - description: History contains information about the application's - sync history - items: - description: RevisionHistory contains history information about - a previous sync - properties: - deployStartedAt: - description: DeployStartedAt holds the time the sync operation - started - format: date-time - type: string - deployedAt: - description: DeployedAt holds the time the sync operation completed - format: date-time - type: string - id: - description: ID is an auto incrementing identifier of the RevisionHistory - format: int64 - type: integer - revision: - description: Revision holds the revision the sync was performed - against - type: string - revisions: - description: Revisions holds the revision of each source in - sources field the sync was performed against - items: - type: string - type: array - source: - description: Source is a reference to the application source - used for the sync operation - properties: - chart: - description: Chart is a Helm chart name, and must be specified - for applications sourced from a Helm repo. - type: string - directory: - description: Directory holds path/directory specific options - properties: - exclude: - description: Exclude contains a glob pattern to match - paths against that should be explicitly excluded from - being used during manifest generation - type: string - include: - description: Include contains a glob pattern to match - paths against that should be explicitly included during - manifest generation - type: string - jsonnet: - description: Jsonnet holds options specific to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet External - Variables - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan a directory - recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - fileParameters: - description: FileParameters are file parameters to the - helm template - items: - description: HelmFileParameter is a file parameter - that's passed to helm template during manifest generation - properties: - name: - description: Name is the name of the Helm parameter - type: string - path: - description: Path is the path to the file containing - the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm template - from failing when valueFiles do not exist locally - by not appending them to helm template --values - type: boolean - parameters: - description: Parameters is a list of Helm parameters - which are passed to the helm template command upon - manifest generation - items: - description: HelmParameter is a parameter that's passed - to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether to - tell Helm to interpret booleans and numbers - as strings - type: boolean - name: - description: Name is the name of the Helm parameter - type: string - value: - description: Value is the value for the Helm parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials to all - domains (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name to - use. If omitted it will use the application name - type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value files - to use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be passed - to helm template, typically defined as a block. ValuesObject - takes precedence over Values, so use one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values to be - passed to helm template, defined as a map. This takes - precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use for - templating ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional - annotations to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies whether - to apply env variables substitution for annotation - values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional labels - to add to rendered manifests - type: object - components: - description: Components specifies a list of kustomize - components to add to the kustomization before building - items: - type: string - type: array - forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether - to force applying common annotations to resources - for Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether to - force applying common labels to resources for Kustomize - apps - type: boolean - images: - description: Images is a list of Kustomize image override - specifications - items: - description: KustomizeImage represents a Kustomize - image definition in the format [old_image_name=]: - type: string - type: array - namePrefix: - description: NamePrefix is a prefix appended to resources - for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to resources - for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that Kustomize - adds to all resources - type: string - patches: - description: Patches is a list of Kustomize patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize Replicas - override specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of Kustomize - to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git repository, - and is only valid for applications sourced from Git. - type: string - plugin: - description: Plugin holds config management plugin specific - options - properties: - env: - description: Env is a list of environment variable entries - items: - description: EnvEntry represents an entry in the application's - environment - properties: - name: - description: Name is the name of the variable, - usually expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array type - parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type parameter. - type: object - name: - description: Name is the name identifying a parameter. - type: string - string: - description: String_ is the value of a string - type parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within sources - field. This field will not be used if used with a `source` - tag. - type: string - repoURL: - description: RepoURL is the URL to the repository (Git or - Helm) that contains the application manifests - type: string - targetRevision: - description: TargetRevision defines the revision of the - source to sync the application to. In case of Git, this - can be commit, tag, or branch. If omitted, will equal - to HEAD. In case of Helm, this is a semver tag for the - Chart's version. - type: string - required: - - repoURL - type: object - sources: - description: Sources is a reference to the application sources - used for the sync operation - items: - description: ApplicationSource contains all required information - about the source of an application - properties: - chart: - description: Chart is a Helm chart name, and must be specified - for applications sourced from a Helm repo. - type: string - directory: - description: Directory holds path/directory specific options - properties: - exclude: - description: Exclude contains a glob pattern to match - paths against that should be explicitly excluded - from being used during manifest generation - type: string - include: - description: Include contains a glob pattern to match - paths against that should be explicitly included - during manifest generation - type: string - jsonnet: - description: Jsonnet holds options specific to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet External - Variables - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan a directory - recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - fileParameters: - description: FileParameters are file parameters to - the helm template - items: - description: HelmFileParameter is a file parameter - that's passed to helm template during manifest - generation - properties: - name: - description: Name is the name of the Helm parameter - type: string - path: - description: Path is the path to the file containing - the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm - template from failing when valueFiles do not exist - locally by not appending them to helm template --values - type: boolean - parameters: - description: Parameters is a list of Helm parameters - which are passed to the helm template command upon - manifest generation - items: - description: HelmParameter is a parameter that's - passed to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether - to tell Helm to interpret booleans and numbers - as strings - type: boolean - name: - description: Name is the name of the Helm parameter - type: string - value: - description: Value is the value for the Helm - parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials to all - domains (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name - to use. If omitted it will use the application name - type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value files - to use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be passed - to helm template, typically defined as a block. - ValuesObject takes precedence over Values, so use - one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values to - be passed to helm template, defined as a map. This - takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use for - templating ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional - annotations to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies whether - to apply env variables substitution for annotation - values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional - labels to add to rendered manifests - type: object - components: - description: Components specifies a list of kustomize - components to add to the kustomization before building - items: - type: string - type: array - forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether - to force applying common annotations to resources - for Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether to - force applying common labels to resources for Kustomize - apps - type: boolean - images: - description: Images is a list of Kustomize image override - specifications - items: - description: KustomizeImage represents a Kustomize - image definition in the format [old_image_name=]: - type: string - type: array - namePrefix: - description: NamePrefix is a prefix appended to resources - for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to resources - for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that Kustomize - adds to all resources - type: string - patches: - description: Patches is a list of Kustomize patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize Replicas - override specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of Kustomize - to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git repository, - and is only valid for applications sourced from Git. - type: string - plugin: - description: Plugin holds config management plugin specific - options - properties: - env: - description: Env is a list of environment variable - entries - items: - description: EnvEntry represents an entry in the - application's environment - properties: - name: - description: Name is the name of the variable, - usually expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array - type parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type - parameter. - type: object - name: - description: Name is the name identifying a - parameter. - type: string - string: - description: String_ is the value of a string - type parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within - sources field. This field will not be used if used with - a `source` tag. - type: string - repoURL: - description: RepoURL is the URL to the repository (Git - or Helm) that contains the application manifests - type: string - targetRevision: - description: TargetRevision defines the revision of the - source to sync the application to. In case of Git, this - can be commit, tag, or branch. If omitted, will equal - to HEAD. In case of Helm, this is a semver tag for the - Chart's version. - type: string - required: - - repoURL - type: object - type: array - required: - - deployedAt - - id - type: object - type: array - observedAt: - description: 'ObservedAt indicates when the application state was - updated without querying latest git state Deprecated: controller - no longer updates ObservedAt field' - format: date-time - type: string - operationState: - description: OperationState contains information about any ongoing - operations, such as a sync - properties: - finishedAt: - description: FinishedAt contains time of operation completion - format: date-time - type: string - message: - description: Message holds any pertinent messages when attempting - to perform operation (typically errors). - type: string - operation: - description: Operation is the original requested operation - properties: - info: - description: Info is a list of informational items for this - operation - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - initiatedBy: - description: InitiatedBy contains information about who initiated - the operations - properties: - automated: - description: Automated is set to true if operation was - initiated automatically by the application controller. - type: boolean - username: - description: Username contains the name of a user who - started operation - type: string - type: object - retry: - description: Retry controls the strategy to apply if a sync - fails - properties: - backoff: - description: Backoff controls how to backoff on subsequent - retries of failed syncs - properties: - duration: - description: Duration is the amount to back off. Default - unit is seconds, but could also be a duration (e.g. - "2m", "1h") - type: string - factor: - description: Factor is a factor to multiply the base - duration after each failed retry - format: int64 - type: integer - maxDuration: - description: MaxDuration is the maximum amount of - time allowed for the backoff strategy - type: string - type: object - limit: - description: Limit is the maximum number of attempts for - retrying a failed sync. If set to 0, no retries will - be performed. - format: int64 - type: integer - type: object - sync: - description: Sync contains parameters for the operation - properties: - dryRun: - description: DryRun specifies to perform a `kubectl apply - --dry-run` without actually performing the sync - type: boolean - manifests: - description: Manifests is an optional field that overrides - sync source with a local directory for development - items: - type: string - type: array - prune: - description: Prune specifies to delete resources from - the cluster that are no longer tracked in git - type: boolean - resources: - description: Resources describes which resources shall - be part of the sync - items: - description: SyncOperationResource contains resources - to sync. - properties: - group: - type: string - kind: - type: string - name: - type: string - namespace: - type: string - required: - - kind - - name - type: object - type: array - revision: - description: Revision is the revision (Git) or chart version - (Helm) which to sync the application to If omitted, - will use the revision specified in app spec. - type: string - revisions: - description: Revisions is the list of revision (Git) or - chart version (Helm) which to sync each source in sources - field for the application to If omitted, will use the - revision specified in app spec. - items: - type: string - type: array - source: - description: Source overrides the source definition set - in the application. This is typically set in a Rollback - operation and is nil during a Sync operation - properties: - chart: - description: Chart is a Helm chart name, and must - be specified for applications sourced from a Helm - repo. - type: string - directory: - description: Directory holds path/directory specific - options - properties: - exclude: - description: Exclude contains a glob pattern to - match paths against that should be explicitly - excluded from being used during manifest generation - type: string - include: - description: Include contains a glob pattern to - match paths against that should be explicitly - included during manifest generation - type: string - jsonnet: - description: Jsonnet holds options specific to - Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet - External Variables - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest - generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest - generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan - a directory recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - fileParameters: - description: FileParameters are file parameters - to the helm template - items: - description: HelmFileParameter is a file parameter - that's passed to helm template during manifest - generation - properties: - name: - description: Name is the name of the Helm - parameter - type: string - path: - description: Path is the path to the file - containing the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents - helm template from failing when valueFiles do - not exist locally by not appending them to helm - template --values - type: boolean - parameters: - description: Parameters is a list of Helm parameters - which are passed to the helm template command - upon manifest generation - items: - description: HelmParameter is a parameter that's - passed to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether - to tell Helm to interpret booleans and - numbers as strings - type: boolean - name: - description: Name is the name of the Helm - parameter - type: string - value: - description: Value is the value for the - Helm parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials - to all domains (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name - to use. If omitted it will use the application - name - type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value - files to use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be - passed to helm template, typically defined as - a block. ValuesObject takes precedence over - Values, so use one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values - to be passed to helm template, defined as a - map. This takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use - for templating ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional - annotations to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies - whether to apply env variables substitution - for annotation values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional - labels to add to rendered manifests - type: object - components: - description: Components specifies a list of kustomize - components to add to the kustomization before - building - items: - type: string - type: array - forceCommonAnnotations: - description: ForceCommonAnnotations specifies - whether to force applying common annotations - to resources for Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether - to force applying common labels to resources - for Kustomize apps - type: boolean - images: - description: Images is a list of Kustomize image - override specifications - items: - description: KustomizeImage represents a Kustomize - image definition in the format [old_image_name=]: - type: string - type: array - namePrefix: - description: NamePrefix is a prefix appended to - resources for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to - resources for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that - Kustomize adds to all resources - type: string - patches: - description: Patches is a list of Kustomize patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize Replicas - override specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of - Kustomize to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git - repository, and is only valid for applications sourced - from Git. - type: string - plugin: - description: Plugin holds config management plugin - specific options - properties: - env: - description: Env is a list of environment variable - entries - items: - description: EnvEntry represents an entry in - the application's environment - properties: - name: - description: Name is the name of the variable, - usually expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array - type parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type - parameter. - type: object - name: - description: Name is the name identifying - a parameter. - type: string - string: - description: String_ is the value of a string - type parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within - sources field. This field will not be used if used - with a `source` tag. - type: string - repoURL: - description: RepoURL is the URL to the repository - (Git or Helm) that contains the application manifests - type: string - targetRevision: - description: TargetRevision defines the revision of - the source to sync the application to. In case of - Git, this can be commit, tag, or branch. If omitted, - will equal to HEAD. In case of Helm, this is a semver - tag for the Chart's version. - type: string - required: - - repoURL - type: object - sources: - description: Sources overrides the source definition set - in the application. This is typically set in a Rollback - operation and is nil during a Sync operation - items: - description: ApplicationSource contains all required - information about the source of an application - properties: - chart: - description: Chart is a Helm chart name, and must - be specified for applications sourced from a Helm - repo. - type: string - directory: - description: Directory holds path/directory specific - options - properties: - exclude: - description: Exclude contains a glob pattern - to match paths against that should be explicitly - excluded from being used during manifest generation - type: string - include: - description: Include contains a glob pattern - to match paths against that should be explicitly - included during manifest generation - type: string - jsonnet: - description: Jsonnet holds options specific - to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet - External Variables - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest - generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest - generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan - a directory recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - fileParameters: - description: FileParameters are file parameters - to the helm template - items: - description: HelmFileParameter is a file parameter - that's passed to helm template during manifest - generation - properties: - name: - description: Name is the name of the Helm - parameter - type: string - path: - description: Path is the path to the file - containing the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents - helm template from failing when valueFiles - do not exist locally by not appending them - to helm template --values - type: boolean - parameters: - description: Parameters is a list of Helm parameters - which are passed to the helm template command - upon manifest generation - items: - description: HelmParameter is a parameter - that's passed to helm template during manifest - generation - properties: - forceString: - description: ForceString determines whether - to tell Helm to interpret booleans and - numbers as strings - type: boolean - name: - description: Name is the name of the Helm - parameter - type: string - value: - description: Value is the value for the - Helm parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials - to all domains (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release - name to use. If omitted it will use the application - name - type: string - skipCrds: - description: SkipCrds skips custom resource - definition installation step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value - files to use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to - be passed to helm template, typically defined - as a block. ValuesObject takes precedence - over Values, so use one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values - to be passed to helm template, defined as - a map. This takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to - use for templating ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific - options - properties: - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of - additional annotations to add to rendered - manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies - whether to apply env variables substitution - for annotation values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional - labels to add to rendered manifests - type: object - components: - description: Components specifies a list of - kustomize components to add to the kustomization - before building - items: - type: string - type: array - forceCommonAnnotations: - description: ForceCommonAnnotations specifies - whether to force applying common annotations - to resources for Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether - to force applying common labels to resources - for Kustomize apps - type: boolean - images: - description: Images is a list of Kustomize image - override specifications - items: - description: KustomizeImage represents a Kustomize - image definition in the format [old_image_name=]: - type: string - type: array - namePrefix: - description: NamePrefix is a prefix appended - to resources for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended - to resources for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that - Kustomize adds to all resources - type: string - patches: - description: Patches is a list of Kustomize - patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize - Replicas override specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version - of Kustomize to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the - Git repository, and is only valid for applications - sourced from Git. - type: string - plugin: - description: Plugin holds config management plugin - specific options - properties: - env: - description: Env is a list of environment variable - entries - items: - description: EnvEntry represents an entry - in the application's environment - properties: - name: - description: Name is the name of the variable, - usually expressed in uppercase - type: string - value: - description: Value is the value of the - variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an - array type parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map - type parameter. - type: object - name: - description: Name is the name identifying - a parameter. - type: string - string: - description: String_ is the value of a - string type parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source - within sources field. This field will not be used - if used with a `source` tag. - type: string - repoURL: - description: RepoURL is the URL to the repository - (Git or Helm) that contains the application manifests - type: string - targetRevision: - description: TargetRevision defines the revision - of the source to sync the application to. In case - of Git, this can be commit, tag, or branch. If - omitted, will equal to HEAD. In case of Helm, - this is a semver tag for the Chart's version. - type: string - required: - - repoURL - type: object - type: array - syncOptions: - description: SyncOptions provide per-sync sync-options, - e.g. Validate=false - items: - type: string - type: array - syncStrategy: - description: SyncStrategy describes how to perform the - sync - properties: - apply: - description: Apply will perform a `kubectl apply` - to perform the sync. - properties: - force: - description: Force indicates whether or not to - supply the --force flag to `kubectl apply`. - The --force flag deletes and re-create the resource, - when PATCH encounters conflict and has retried - for 5 times. - type: boolean - type: object - hook: - description: Hook will submit any referenced resources - to perform the sync. This is the default strategy - properties: - force: - description: Force indicates whether or not to - supply the --force flag to `kubectl apply`. - The --force flag deletes and re-create the resource, - when PATCH encounters conflict and has retried - for 5 times. - type: boolean - type: object - type: object - type: object - type: object - phase: - description: Phase is the current phase of the operation - type: string - retryCount: - description: RetryCount contains time of operation retries - format: int64 - type: integer - startedAt: - description: StartedAt contains time of operation start - format: date-time - type: string - syncResult: - description: SyncResult is the result of a Sync operation - properties: - managedNamespaceMetadata: - description: ManagedNamespaceMetadata contains the current - sync state of managed namespace metadata - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - resources: - description: Resources contains a list of sync result items - for each individual resource in a sync operation - items: - description: ResourceResult holds the operation result details - of a specific resource - properties: - group: - description: Group specifies the API group of the resource - type: string - hookPhase: - description: HookPhase contains the state of any operation - associated with this resource OR hook This can also - contain values for non-hook resources. - type: string - hookType: - description: HookType specifies the type of the hook. - Empty for non-hook resources - type: string - kind: - description: Kind specifies the API kind of the resource - type: string - message: - description: Message contains an informational or error - message for the last sync OR operation - type: string - name: - description: Name specifies the name of the resource - type: string - namespace: - description: Namespace specifies the target namespace - of the resource - type: string - status: - description: Status holds the final result of the sync. - Will be empty if the resources is yet to be applied/pruned - and is always zero-value for hooks - type: string - syncPhase: - description: SyncPhase indicates the particular phase - of the sync that this result was acquired in - type: string - version: - description: Version specifies the API version of the - resource - type: string - required: - - group - - kind - - name - - namespace - - version - type: object - type: array - revision: - description: Revision holds the revision this sync operation - was performed to - type: string - revisions: - description: Revisions holds the revision this sync operation - was performed for respective indexed source in sources field - items: - type: string - type: array - source: - description: Source records the application source information - of the sync, used for comparing auto-sync - properties: - chart: - description: Chart is a Helm chart name, and must be specified - for applications sourced from a Helm repo. - type: string - directory: - description: Directory holds path/directory specific options - properties: - exclude: - description: Exclude contains a glob pattern to match - paths against that should be explicitly excluded - from being used during manifest generation - type: string - include: - description: Include contains a glob pattern to match - paths against that should be explicitly included - during manifest generation - type: string - jsonnet: - description: Jsonnet holds options specific to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet External - Variables - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan a directory - recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - fileParameters: - description: FileParameters are file parameters to - the helm template - items: - description: HelmFileParameter is a file parameter - that's passed to helm template during manifest - generation - properties: - name: - description: Name is the name of the Helm parameter - type: string - path: - description: Path is the path to the file containing - the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm - template from failing when valueFiles do not exist - locally by not appending them to helm template --values - type: boolean - parameters: - description: Parameters is a list of Helm parameters - which are passed to the helm template command upon - manifest generation - items: - description: HelmParameter is a parameter that's - passed to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether - to tell Helm to interpret booleans and numbers - as strings - type: boolean - name: - description: Name is the name of the Helm parameter - type: string - value: - description: Value is the value for the Helm - parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials to all - domains (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name - to use. If omitted it will use the application name - type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value files - to use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be passed - to helm template, typically defined as a block. - ValuesObject takes precedence over Values, so use - one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values to - be passed to helm template, defined as a map. This - takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use for - templating ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional - annotations to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies whether - to apply env variables substitution for annotation - values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional - labels to add to rendered manifests - type: object - components: - description: Components specifies a list of kustomize - components to add to the kustomization before building - items: - type: string - type: array - forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether - to force applying common annotations to resources - for Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether to - force applying common labels to resources for Kustomize - apps - type: boolean - images: - description: Images is a list of Kustomize image override - specifications - items: - description: KustomizeImage represents a Kustomize - image definition in the format [old_image_name=]: - type: string - type: array - namePrefix: - description: NamePrefix is a prefix appended to resources - for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to resources - for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that Kustomize - adds to all resources - type: string - patches: - description: Patches is a list of Kustomize patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize Replicas - override specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of Kustomize - to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git repository, - and is only valid for applications sourced from Git. - type: string - plugin: - description: Plugin holds config management plugin specific - options - properties: - env: - description: Env is a list of environment variable - entries - items: - description: EnvEntry represents an entry in the - application's environment - properties: - name: - description: Name is the name of the variable, - usually expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array - type parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type - parameter. - type: object - name: - description: Name is the name identifying a - parameter. - type: string - string: - description: String_ is the value of a string - type parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within - sources field. This field will not be used if used with - a `source` tag. - type: string - repoURL: - description: RepoURL is the URL to the repository (Git - or Helm) that contains the application manifests - type: string - targetRevision: - description: TargetRevision defines the revision of the - source to sync the application to. In case of Git, this - can be commit, tag, or branch. If omitted, will equal - to HEAD. In case of Helm, this is a semver tag for the - Chart's version. - type: string - required: - - repoURL - type: object - sources: - description: Source records the application source information - of the sync, used for comparing auto-sync - items: - description: ApplicationSource contains all required information - about the source of an application - properties: - chart: - description: Chart is a Helm chart name, and must be - specified for applications sourced from a Helm repo. - type: string - directory: - description: Directory holds path/directory specific - options - properties: - exclude: - description: Exclude contains a glob pattern to - match paths against that should be explicitly - excluded from being used during manifest generation - type: string - include: - description: Include contains a glob pattern to - match paths against that should be explicitly - included during manifest generation - type: string - jsonnet: - description: Jsonnet holds options specific to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet External - Variables - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest - generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest - generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan a - directory recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - fileParameters: - description: FileParameters are file parameters - to the helm template - items: - description: HelmFileParameter is a file parameter - that's passed to helm template during manifest - generation - properties: - name: - description: Name is the name of the Helm - parameter - type: string - path: - description: Path is the path to the file - containing the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm - template from failing when valueFiles do not exist - locally by not appending them to helm template - --values - type: boolean - parameters: - description: Parameters is a list of Helm parameters - which are passed to the helm template command - upon manifest generation - items: - description: HelmParameter is a parameter that's - passed to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether - to tell Helm to interpret booleans and numbers - as strings - type: boolean - name: - description: Name is the name of the Helm - parameter - type: string - value: - description: Value is the value for the Helm - parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials to - all domains (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name - to use. If omitted it will use the application - name - type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value - files to use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be - passed to helm template, typically defined as - a block. ValuesObject takes precedence over Values, - so use one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values - to be passed to helm template, defined as a map. - This takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use - for templating ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional - annotations to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies - whether to apply env variables substitution for - annotation values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional - labels to add to rendered manifests - type: object - components: - description: Components specifies a list of kustomize - components to add to the kustomization before - building - items: - type: string - type: array - forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether - to force applying common annotations to resources - for Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether - to force applying common labels to resources for - Kustomize apps - type: boolean - images: - description: Images is a list of Kustomize image - override specifications - items: - description: KustomizeImage represents a Kustomize - image definition in the format [old_image_name=]: - type: string - type: array - namePrefix: - description: NamePrefix is a prefix appended to - resources for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to - resources for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that Kustomize - adds to all resources - type: string - patches: - description: Patches is a list of Kustomize patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize Replicas - override specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of Kustomize - to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git - repository, and is only valid for applications sourced - from Git. - type: string - plugin: - description: Plugin holds config management plugin specific - options - properties: - env: - description: Env is a list of environment variable - entries - items: - description: EnvEntry represents an entry in the - application's environment - properties: - name: - description: Name is the name of the variable, - usually expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array - type parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type - parameter. - type: object - name: - description: Name is the name identifying - a parameter. - type: string - string: - description: String_ is the value of a string - type parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within - sources field. This field will not be used if used - with a `source` tag. - type: string - repoURL: - description: RepoURL is the URL to the repository (Git - or Helm) that contains the application manifests - type: string - targetRevision: - description: TargetRevision defines the revision of - the source to sync the application to. In case of - Git, this can be commit, tag, or branch. If omitted, - will equal to HEAD. In case of Helm, this is a semver - tag for the Chart's version. - type: string - required: - - repoURL - type: object - type: array - required: - - revision - type: object - required: - - operation - - phase - - startedAt - type: object - reconciledAt: - description: ReconciledAt indicates when the application state was - reconciled using the latest git version - format: date-time - type: string - resourceHealthSource: - description: 'ResourceHealthSource indicates where the resource health - status is stored: inline if not set or appTree' - type: string - resources: - description: Resources is a list of Kubernetes resources managed by - this application - items: - description: 'ResourceStatus holds the current sync and health status - of a resource TODO: describe members of this type' - properties: - group: - type: string - health: - description: HealthStatus contains information about the currently - observed health state of an application or resource - properties: - message: - description: Message is a human-readable informational message - describing the health status - type: string - status: - description: Status holds the status code of the application - or resource - type: string - type: object - hook: - type: boolean - kind: - type: string - name: - type: string - namespace: - type: string - requiresPruning: - type: boolean - status: - description: SyncStatusCode is a type which represents possible - comparison results - type: string - syncWave: - format: int64 - type: integer - version: - type: string - type: object - type: array - sourceType: - description: SourceType specifies the type of this application - type: string - sourceTypes: - description: SourceTypes specifies the type of the sources included - in the application - items: - description: ApplicationSourceType specifies the type of the application's - source - type: string - type: array - summary: - description: Summary contains a list of URLs and container images - used by this application - properties: - externalURLs: - description: ExternalURLs holds all external URLs of application - child resources. - items: - type: string - type: array - images: - description: Images holds all images of application child resources. - items: - type: string - type: array - type: object - sync: - description: Sync contains information about the application's current - sync status - properties: - comparedTo: - description: ComparedTo contains information about what has been - compared - properties: - destination: - description: Destination is a reference to the application's - destination used for comparison - properties: - name: - description: Name is an alternate way of specifying the - target cluster by its symbolic name. This must be set - if Server is not set. - type: string - namespace: - description: Namespace specifies the target namespace - for the application's resources. The namespace will - only be set for namespace-scoped resources that have - not set a value for .metadata.namespace - type: string - server: - description: Server specifies the URL of the target cluster's - Kubernetes control plane API. This must be set if Name - is not set. - type: string - type: object - ignoreDifferences: - description: IgnoreDifferences is a reference to the application's - ignored differences used for comparison - items: - description: ResourceIgnoreDifferences contains resource - filter and list of json paths which should be ignored - during comparison with live state. - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - description: ManagedFieldsManagers is a list of trusted - managers. Fields mutated by those managers will take - precedence over the desired state defined in the SCM - and won't be displayed in diffs - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - source: - description: Source is a reference to the application's source - used for comparison - properties: - chart: - description: Chart is a Helm chart name, and must be specified - for applications sourced from a Helm repo. - type: string - directory: - description: Directory holds path/directory specific options - properties: - exclude: - description: Exclude contains a glob pattern to match - paths against that should be explicitly excluded - from being used during manifest generation - type: string - include: - description: Include contains a glob pattern to match - paths against that should be explicitly included - during manifest generation - type: string - jsonnet: - description: Jsonnet holds options specific to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet External - Variables - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan a directory - recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - fileParameters: - description: FileParameters are file parameters to - the helm template - items: - description: HelmFileParameter is a file parameter - that's passed to helm template during manifest - generation - properties: - name: - description: Name is the name of the Helm parameter - type: string - path: - description: Path is the path to the file containing - the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm - template from failing when valueFiles do not exist - locally by not appending them to helm template --values - type: boolean - parameters: - description: Parameters is a list of Helm parameters - which are passed to the helm template command upon - manifest generation - items: - description: HelmParameter is a parameter that's - passed to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether - to tell Helm to interpret booleans and numbers - as strings - type: boolean - name: - description: Name is the name of the Helm parameter - type: string - value: - description: Value is the value for the Helm - parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials to all - domains (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name - to use. If omitted it will use the application name - type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value files - to use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be passed - to helm template, typically defined as a block. - ValuesObject takes precedence over Values, so use - one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values to - be passed to helm template, defined as a map. This - takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use for - templating ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional - annotations to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies whether - to apply env variables substitution for annotation - values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional - labels to add to rendered manifests - type: object - components: - description: Components specifies a list of kustomize - components to add to the kustomization before building - items: - type: string - type: array - forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether - to force applying common annotations to resources - for Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether to - force applying common labels to resources for Kustomize - apps - type: boolean - images: - description: Images is a list of Kustomize image override - specifications - items: - description: KustomizeImage represents a Kustomize - image definition in the format [old_image_name=]: - type: string - type: array - namePrefix: - description: NamePrefix is a prefix appended to resources - for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to resources - for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that Kustomize - adds to all resources - type: string - patches: - description: Patches is a list of Kustomize patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize Replicas - override specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of Kustomize - to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git repository, - and is only valid for applications sourced from Git. - type: string - plugin: - description: Plugin holds config management plugin specific - options - properties: - env: - description: Env is a list of environment variable - entries - items: - description: EnvEntry represents an entry in the - application's environment - properties: - name: - description: Name is the name of the variable, - usually expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array - type parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type - parameter. - type: object - name: - description: Name is the name identifying a - parameter. - type: string - string: - description: String_ is the value of a string - type parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within - sources field. This field will not be used if used with - a `source` tag. - type: string - repoURL: - description: RepoURL is the URL to the repository (Git - or Helm) that contains the application manifests - type: string - targetRevision: - description: TargetRevision defines the revision of the - source to sync the application to. In case of Git, this - can be commit, tag, or branch. If omitted, will equal - to HEAD. In case of Helm, this is a semver tag for the - Chart's version. - type: string - required: - - repoURL - type: object - sources: - description: Sources is a reference to the application's multiple - sources used for comparison - items: - description: ApplicationSource contains all required information - about the source of an application - properties: - chart: - description: Chart is a Helm chart name, and must be - specified for applications sourced from a Helm repo. - type: string - directory: - description: Directory holds path/directory specific - options - properties: - exclude: - description: Exclude contains a glob pattern to - match paths against that should be explicitly - excluded from being used during manifest generation - type: string - include: - description: Include contains a glob pattern to - match paths against that should be explicitly - included during manifest generation - type: string - jsonnet: - description: Jsonnet holds options specific to Jsonnet - properties: - extVars: - description: ExtVars is a list of Jsonnet External - Variables - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest - generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - description: Additional library search dirs - items: - type: string - type: array - tlas: - description: TLAS is a list of Jsonnet Top-level - Arguments - items: - description: JsonnetVar represents a variable - to be passed to jsonnet during manifest - generation - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - description: Recurse specifies whether to scan a - directory recursively for manifests - type: boolean - type: object - helm: - description: Helm holds helm specific options - properties: - fileParameters: - description: FileParameters are file parameters - to the helm template - items: - description: HelmFileParameter is a file parameter - that's passed to helm template during manifest - generation - properties: - name: - description: Name is the name of the Helm - parameter - type: string - path: - description: Path is the path to the file - containing the values for the Helm parameter - type: string - type: object - type: array - ignoreMissingValueFiles: - description: IgnoreMissingValueFiles prevents helm - template from failing when valueFiles do not exist - locally by not appending them to helm template - --values - type: boolean - parameters: - description: Parameters is a list of Helm parameters - which are passed to the helm template command - upon manifest generation - items: - description: HelmParameter is a parameter that's - passed to helm template during manifest generation - properties: - forceString: - description: ForceString determines whether - to tell Helm to interpret booleans and numbers - as strings - type: boolean - name: - description: Name is the name of the Helm - parameter - type: string - value: - description: Value is the value for the Helm - parameter - type: string - type: object - type: array - passCredentials: - description: PassCredentials pass credentials to - all domains (Helm's --pass-credentials) - type: boolean - releaseName: - description: ReleaseName is the Helm release name - to use. If omitted it will use the application - name - type: string - skipCrds: - description: SkipCrds skips custom resource definition - installation step (Helm's --skip-crds) - type: boolean - valueFiles: - description: ValuesFiles is a list of Helm value - files to use when generating a template - items: - type: string - type: array - values: - description: Values specifies Helm values to be - passed to helm template, typically defined as - a block. ValuesObject takes precedence over Values, - so use one or the other. - type: string - valuesObject: - description: ValuesObject specifies Helm values - to be passed to helm template, defined as a map. - This takes precedence over Values. - type: object - x-kubernetes-preserve-unknown-fields: true - version: - description: Version is the Helm version to use - for templating ("3") - type: string - type: object - kustomize: - description: Kustomize holds kustomize specific options - properties: - commonAnnotations: - additionalProperties: - type: string - description: CommonAnnotations is a list of additional - annotations to add to rendered manifests - type: object - commonAnnotationsEnvsubst: - description: CommonAnnotationsEnvsubst specifies - whether to apply env variables substitution for - annotation values - type: boolean - commonLabels: - additionalProperties: - type: string - description: CommonLabels is a list of additional - labels to add to rendered manifests - type: object - components: - description: Components specifies a list of kustomize - components to add to the kustomization before - building - items: - type: string - type: array - forceCommonAnnotations: - description: ForceCommonAnnotations specifies whether - to force applying common annotations to resources - for Kustomize apps - type: boolean - forceCommonLabels: - description: ForceCommonLabels specifies whether - to force applying common labels to resources for - Kustomize apps - type: boolean - images: - description: Images is a list of Kustomize image - override specifications - items: - description: KustomizeImage represents a Kustomize - image definition in the format [old_image_name=]: - type: string - type: array - namePrefix: - description: NamePrefix is a prefix appended to - resources for Kustomize apps - type: string - nameSuffix: - description: NameSuffix is a suffix appended to - resources for Kustomize apps - type: string - namespace: - description: Namespace sets the namespace that Kustomize - adds to all resources - type: string - patches: - description: Patches is a list of Kustomize patches - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - description: Replicas is a list of Kustomize Replicas - override specifications - items: - properties: - count: - anyOf: - - type: integer - - type: string - description: Number of replicas - x-kubernetes-int-or-string: true - name: - description: Name of Deployment or StatefulSet - type: string - required: - - count - - name - type: object - type: array - version: - description: Version controls which version of Kustomize - to use for rendering manifests - type: string - type: object - path: - description: Path is a directory path within the Git - repository, and is only valid for applications sourced - from Git. - type: string - plugin: - description: Plugin holds config management plugin specific - options - properties: - env: - description: Env is a list of environment variable - entries - items: - description: EnvEntry represents an entry in the - application's environment - properties: - name: - description: Name is the name of the variable, - usually expressed in uppercase - type: string - value: - description: Value is the value of the variable - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - description: Array is the value of an array - type parameter. - items: - type: string - type: array - map: - additionalProperties: - type: string - description: Map is the value of a map type - parameter. - type: object - name: - description: Name is the name identifying - a parameter. - type: string - string: - description: String_ is the value of a string - type parameter. - type: string - type: object - type: array - type: object - ref: - description: Ref is reference to another source within - sources field. This field will not be used if used - with a `source` tag. - type: string - repoURL: - description: RepoURL is the URL to the repository (Git - or Helm) that contains the application manifests - type: string - targetRevision: - description: TargetRevision defines the revision of - the source to sync the application to. In case of - Git, this can be commit, tag, or branch. If omitted, - will equal to HEAD. In case of Helm, this is a semver - tag for the Chart's version. - type: string - required: - - repoURL - type: object - type: array - required: - - destination - type: object - revision: - description: Revision contains information about the revision - the comparison has been performed to - type: string - revisions: - description: Revisions contains information about the revisions - of multiple sources the comparison has been performed to - items: - type: string - type: array - status: - description: Status is the sync state of the comparison - type: string - required: - - status - type: object - type: object - required: - - metadata - - spec - type: object - served: true - storage: true - subresources: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app.kubernetes.io/name: applicationsets.argoproj.io - app.kubernetes.io/part-of: argocd - name: applicationsets.argoproj.io -spec: - group: argoproj.io - names: - kind: ApplicationSet - listKind: ApplicationSetList - plural: applicationsets - shortNames: - - appset - - appsets - singular: applicationset - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - properties: - applyNestedSelectors: - type: boolean - generators: - items: - properties: - clusterDecisionResource: - properties: - configMapRef: - type: string - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - name: - type: string - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef - type: object - clusters: - properties: - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - type: object - git: - properties: - directories: - items: - properties: - exclude: - type: boolean - path: - type: string - required: - - path - type: object - type: array - files: - items: - properties: - path: - type: string - required: - - path - type: object - type: array - pathParamPrefix: - type: string - repoURL: - type: string - requeueAfterSeconds: - format: int64 - type: integer - revision: - type: string - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - repoURL - - revision - type: object - list: - properties: - elements: - items: - x-kubernetes-preserve-unknown-fields: true - type: array - elementsYaml: - type: string - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - required: - - elements - type: object - matrix: - properties: - generators: - items: - properties: - clusterDecisionResource: - properties: - configMapRef: - type: string - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - name: - type: string - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef - type: object - clusters: - properties: - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - type: object - git: - properties: - directories: - items: - properties: - exclude: - type: boolean - path: - type: string - required: - - path - type: object - type: array - files: - items: - properties: - path: - type: string - required: - - path - type: object - type: array - pathParamPrefix: - type: string - repoURL: - type: string - requeueAfterSeconds: - format: int64 - type: integer - revision: - type: string - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - repoURL - - revision - type: object - list: - properties: - elements: - items: - x-kubernetes-preserve-unknown-fields: true - type: array - elementsYaml: - type: string - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - required: - - elements - type: object - matrix: - x-kubernetes-preserve-unknown-fields: true - merge: - x-kubernetes-preserve-unknown-fields: true - plugin: - properties: - configMapRef: - properties: - name: - type: string - required: - - name - type: object - input: - properties: - parameters: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef - type: object - pullRequest: - properties: - azuredevops: - properties: - api: - type: string - labels: - items: - type: string - type: array - organization: - type: string - project: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - - project - - repo - type: object - bitbucket: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - bearerToken: - properties: - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - tokenRef - type: object - owner: - type: string - repo: - type: string - required: - - owner - - repo - type: object - bitbucketServer: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - project: - type: string - repo: - type: string - required: - - api - - project - - repo - type: object - filters: - items: - properties: - branchMatch: - type: string - targetBranchMatch: - type: string - type: object - type: array - gitea: - properties: - api: - type: string - insecure: - type: boolean - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - api - - owner - - repo - type: object - github: - properties: - api: - type: string - appSecretName: - type: string - labels: - items: - type: string - type: array - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - owner - - repo - type: object - gitlab: - properties: - api: - type: string - insecure: - type: boolean - labels: - items: - type: string - type: array - project: - type: string - pullRequestState: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - project - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - type: object - scmProvider: - properties: - awsCodeCommit: - properties: - allBranches: - type: boolean - region: - type: string - role: - type: string - tagFilters: - items: - properties: - key: - type: string - value: - type: string - required: - - key - type: object - type: array - type: object - azureDevOps: - properties: - accessTokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - allBranches: - type: boolean - api: - type: string - organization: - type: string - teamProject: - type: string - required: - - accessTokenRef - - organization - - teamProject - type: object - bitbucket: - properties: - allBranches: - type: boolean - appPasswordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - owner: - type: string - user: - type: string - required: - - appPasswordRef - - owner - - user - type: object - bitbucketServer: - properties: - allBranches: - type: boolean - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - project: - type: string - required: - - api - - project - type: object - cloneProtocol: - type: string - filters: - items: - properties: - branchMatch: - type: string - labelMatch: - type: string - pathsDoNotExist: - items: - type: string - type: array - pathsExist: - items: - type: string - type: array - repositoryMatch: - type: string - type: object - type: array - gitea: - properties: - allBranches: - type: boolean - api: - type: string - insecure: - type: boolean - owner: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - api - - owner - type: object - github: - properties: - allBranches: - type: boolean - api: - type: string - appSecretName: - type: string - organization: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - type: object - gitlab: - properties: - allBranches: - type: boolean - api: - type: string - group: - type: string - includeSharedProjects: - type: boolean - includeSubgroups: - type: boolean - insecure: - type: boolean - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - topic: - type: string - required: - - group - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - type: object - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - type: object - type: array - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - required: - - generators - type: object - merge: - properties: - generators: - items: - properties: - clusterDecisionResource: - properties: - configMapRef: - type: string - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - name: - type: string - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef - type: object - clusters: - properties: - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - type: object - git: - properties: - directories: - items: - properties: - exclude: - type: boolean - path: - type: string - required: - - path - type: object - type: array - files: - items: - properties: - path: - type: string - required: - - path - type: object - type: array - pathParamPrefix: - type: string - repoURL: - type: string - requeueAfterSeconds: - format: int64 - type: integer - revision: - type: string - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - repoURL - - revision - type: object - list: - properties: - elements: - items: - x-kubernetes-preserve-unknown-fields: true - type: array - elementsYaml: - type: string - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - required: - - elements - type: object - matrix: - x-kubernetes-preserve-unknown-fields: true - merge: - x-kubernetes-preserve-unknown-fields: true - plugin: - properties: - configMapRef: - properties: - name: - type: string - required: - - name - type: object - input: - properties: - parameters: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef - type: object - pullRequest: - properties: - azuredevops: - properties: - api: - type: string - labels: - items: - type: string - type: array - organization: - type: string - project: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - - project - - repo - type: object - bitbucket: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - bearerToken: - properties: - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - tokenRef - type: object - owner: - type: string - repo: - type: string - required: - - owner - - repo - type: object - bitbucketServer: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - project: - type: string - repo: - type: string - required: - - api - - project - - repo - type: object - filters: - items: - properties: - branchMatch: - type: string - targetBranchMatch: - type: string - type: object - type: array - gitea: - properties: - api: - type: string - insecure: - type: boolean - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - api - - owner - - repo - type: object - github: - properties: - api: - type: string - appSecretName: - type: string - labels: - items: - type: string - type: array - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - owner - - repo - type: object - gitlab: - properties: - api: - type: string - insecure: - type: boolean - labels: - items: - type: string - type: array - project: - type: string - pullRequestState: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - project - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - type: object - scmProvider: - properties: - awsCodeCommit: - properties: - allBranches: - type: boolean - region: - type: string - role: - type: string - tagFilters: - items: - properties: - key: - type: string - value: - type: string - required: - - key - type: object - type: array - type: object - azureDevOps: - properties: - accessTokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - allBranches: - type: boolean - api: - type: string - organization: - type: string - teamProject: - type: string - required: - - accessTokenRef - - organization - - teamProject - type: object - bitbucket: - properties: - allBranches: - type: boolean - appPasswordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - owner: - type: string - user: - type: string - required: - - appPasswordRef - - owner - - user - type: object - bitbucketServer: - properties: - allBranches: - type: boolean - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - project: - type: string - required: - - api - - project - type: object - cloneProtocol: - type: string - filters: - items: - properties: - branchMatch: - type: string - labelMatch: - type: string - pathsDoNotExist: - items: - type: string - type: array - pathsExist: - items: - type: string - type: array - repositoryMatch: - type: string - type: object - type: array - gitea: - properties: - allBranches: - type: boolean - api: - type: string - insecure: - type: boolean - owner: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - api - - owner - type: object - github: - properties: - allBranches: - type: boolean - api: - type: string - appSecretName: - type: string - organization: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - type: object - gitlab: - properties: - allBranches: - type: boolean - api: - type: string - group: - type: string - includeSharedProjects: - type: boolean - includeSubgroups: - type: boolean - insecure: - type: boolean - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - topic: - type: string - required: - - group - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - type: object - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - type: object - type: array - mergeKeys: - items: - type: string - type: array - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - required: - - generators - - mergeKeys - type: object - plugin: - properties: - configMapRef: - properties: - name: - type: string - required: - - name - type: object - input: - properties: - parameters: - additionalProperties: - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - required: - - configMapRef - type: object - pullRequest: - properties: - azuredevops: - properties: - api: - type: string - labels: - items: - type: string - type: array - organization: - type: string - project: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - - project - - repo - type: object - bitbucket: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - bearerToken: - properties: - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - tokenRef - type: object - owner: - type: string - repo: - type: string - required: - - owner - - repo - type: object - bitbucketServer: - properties: - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - project: - type: string - repo: - type: string - required: - - api - - project - - repo - type: object - filters: - items: - properties: - branchMatch: - type: string - targetBranchMatch: - type: string - type: object - type: array - gitea: - properties: - api: - type: string - insecure: - type: boolean - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - api - - owner - - repo - type: object - github: - properties: - api: - type: string - appSecretName: - type: string - labels: - items: - type: string - type: array - owner: - type: string - repo: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - owner - - repo - type: object - gitlab: - properties: - api: - type: string - insecure: - type: boolean - labels: - items: - type: string - type: array - project: - type: string - pullRequestState: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - project - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - type: object - scmProvider: - properties: - awsCodeCommit: - properties: - allBranches: - type: boolean - region: - type: string - role: - type: string - tagFilters: - items: - properties: - key: - type: string - value: - type: string - required: - - key - type: object - type: array - type: object - azureDevOps: - properties: - accessTokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - allBranches: - type: boolean - api: - type: string - organization: - type: string - teamProject: - type: string - required: - - accessTokenRef - - organization - - teamProject - type: object - bitbucket: - properties: - allBranches: - type: boolean - appPasswordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - owner: - type: string - user: - type: string - required: - - appPasswordRef - - owner - - user - type: object - bitbucketServer: - properties: - allBranches: - type: boolean - api: - type: string - basicAuth: - properties: - passwordRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - username: - type: string - required: - - passwordRef - - username - type: object - project: - type: string - required: - - api - - project - type: object - cloneProtocol: - type: string - filters: - items: - properties: - branchMatch: - type: string - labelMatch: - type: string - pathsDoNotExist: - items: - type: string - type: array - pathsExist: - items: - type: string - type: array - repositoryMatch: - type: string - type: object - type: array - gitea: - properties: - allBranches: - type: boolean - api: - type: string - insecure: - type: boolean - owner: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - api - - owner - type: object - github: - properties: - allBranches: - type: boolean - api: - type: string - appSecretName: - type: string - organization: - type: string - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - required: - - organization - type: object - gitlab: - properties: - allBranches: - type: boolean - api: - type: string - group: - type: string - includeSharedProjects: - type: boolean - includeSubgroups: - type: boolean - insecure: - type: boolean - tokenRef: - properties: - key: - type: string - secretName: - type: string - required: - - key - - secretName - type: object - topic: - type: string - required: - - group - type: object - requeueAfterSeconds: - format: int64 - type: integer - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - values: - additionalProperties: - type: string - type: object - type: object - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - type: object - type: array - goTemplate: - type: boolean - goTemplateOptions: - items: - type: string - type: array - ignoreApplicationDifferences: - items: - properties: - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - name: - type: string - type: object - type: array - preservedFields: - properties: - annotations: - items: - type: string - type: array - labels: - items: - type: string - type: array - type: object - strategy: - properties: - rollingSync: - properties: - steps: - items: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - type: object - type: array - maxUpdate: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: array - type: object - type: - type: string - type: object - syncPolicy: - properties: - applicationsSync: - enum: - - create-only - - create-update - - create-delete - - sync - type: string - preserveResourcesOnDeletion: - type: boolean - type: object - template: - properties: - metadata: - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - properties: - destination: - properties: - name: - type: string - namespace: - type: string - server: - type: string - type: object - ignoreDifferences: - items: - properties: - group: - type: string - jqPathExpressions: - items: - type: string - type: array - jsonPointers: - items: - type: string - type: array - kind: - type: string - managedFieldsManagers: - items: - type: string - type: array - name: - type: string - namespace: - type: string - required: - - kind - type: object - type: array - info: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - project: - type: string - revisionHistoryLimit: - format: int64 - type: integer - source: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - sources: - items: - properties: - chart: - type: string - directory: - properties: - exclude: - type: string - include: - type: string - jsonnet: - properties: - extVars: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - libs: - items: - type: string - type: array - tlas: - items: - properties: - code: - type: boolean - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - type: object - recurse: - type: boolean - type: object - helm: - properties: - fileParameters: - items: - properties: - name: - type: string - path: - type: string - type: object - type: array - ignoreMissingValueFiles: - type: boolean - parameters: - items: - properties: - forceString: - type: boolean - name: - type: string - value: - type: string - type: object - type: array - passCredentials: - type: boolean - releaseName: - type: string - skipCrds: - type: boolean - valueFiles: - items: - type: string - type: array - values: - type: string - valuesObject: - type: object - x-kubernetes-preserve-unknown-fields: true - version: - type: string - type: object - kustomize: - properties: - commonAnnotations: - additionalProperties: - type: string - type: object - commonAnnotationsEnvsubst: - type: boolean - commonLabels: - additionalProperties: - type: string - type: object - components: - items: - type: string - type: array - forceCommonAnnotations: - type: boolean - forceCommonLabels: - type: boolean - images: - items: - type: string - type: array - namePrefix: - type: string - nameSuffix: - type: string - namespace: - type: string - patches: - items: - properties: - options: - additionalProperties: - type: boolean - type: object - patch: - type: string - path: - type: string - target: - properties: - annotationSelector: - type: string - group: - type: string - kind: - type: string - labelSelector: - type: string - name: - type: string - namespace: - type: string - version: - type: string - type: object - type: object - type: array - replicas: - items: - properties: - count: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - name: - type: string - required: - - count - - name - type: object - type: array - version: - type: string - type: object - path: - type: string - plugin: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - name: - type: string - parameters: - items: - properties: - array: - items: - type: string - type: array - map: - additionalProperties: - type: string - type: object - name: - type: string - string: - type: string - type: object - type: array - type: object - ref: - type: string - repoURL: - type: string - targetRevision: - type: string - required: - - repoURL - type: object - type: array - syncPolicy: - properties: - automated: - properties: - allowEmpty: - type: boolean - prune: - type: boolean - selfHeal: - type: boolean - type: object - managedNamespaceMetadata: - properties: - annotations: - additionalProperties: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - type: object - retry: - properties: - backoff: - properties: - duration: - type: string - factor: - format: int64 - type: integer - maxDuration: - type: string - type: object - limit: - format: int64 - type: integer - type: object - syncOptions: - items: - type: string - type: array - type: object - required: - - destination - - project - type: object - required: - - metadata - - spec - type: object - templatePatch: - type: string - required: - - generators - - template - type: object - status: - properties: - applicationStatus: - items: - properties: - application: - type: string - lastTransitionTime: - format: date-time - type: string - message: - type: string - status: - type: string - step: - type: string - required: - - application - - message - - status - - step - type: object - type: array - conditions: - items: - properties: - lastTransitionTime: - format: date-time - type: string - message: - type: string - reason: - type: string - status: - type: string - type: - type: string - required: - - message - - reason - - status - - type - type: object - type: array - type: object - required: - - metadata - - spec - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app.kubernetes.io/name: appprojects.argoproj.io - app.kubernetes.io/part-of: argocd - name: appprojects.argoproj.io -spec: - group: argoproj.io - names: - kind: AppProject - listKind: AppProjectList - plural: appprojects - shortNames: - - appproj - - appprojs - singular: appproject - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: 'AppProject provides a logical grouping of applications, providing - controls for: * where the apps may deploy to (cluster whitelist) * what - may be deployed (repository whitelist, resource whitelist/blacklist) * who - can access these applications (roles, OIDC group claims bindings) * and - what they can do (RBAC policies) * automation access to these roles (JWT - tokens)' - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: AppProjectSpec is the specification of an AppProject - properties: - clusterResourceBlacklist: - description: ClusterResourceBlacklist contains list of blacklisted - cluster level resources - items: - description: GroupKind specifies a Group and a Kind, but does not - force a version. This is useful for identifying concepts during - lookup stages without having partially valid types - properties: - group: - type: string - kind: - type: string - required: - - group - - kind - type: object - type: array - clusterResourceWhitelist: - description: ClusterResourceWhitelist contains list of whitelisted - cluster level resources - items: - description: GroupKind specifies a Group and a Kind, but does not - force a version. This is useful for identifying concepts during - lookup stages without having partially valid types - properties: - group: - type: string - kind: - type: string - required: - - group - - kind - type: object - type: array - description: - description: Description contains optional project description - type: string - destinations: - description: Destinations contains list of destinations available - for deployment - items: - description: ApplicationDestination holds information about the - application's destination - properties: - name: - description: Name is an alternate way of specifying the target - cluster by its symbolic name. This must be set if Server is - not set. - type: string - namespace: - description: Namespace specifies the target namespace for the - application's resources. The namespace will only be set for - namespace-scoped resources that have not set a value for .metadata.namespace - type: string - server: - description: Server specifies the URL of the target cluster's - Kubernetes control plane API. This must be set if Name is - not set. - type: string - type: object - type: array - namespaceResourceBlacklist: - description: NamespaceResourceBlacklist contains list of blacklisted - namespace level resources - items: - description: GroupKind specifies a Group and a Kind, but does not - force a version. This is useful for identifying concepts during - lookup stages without having partially valid types - properties: - group: - type: string - kind: - type: string - required: - - group - - kind - type: object - type: array - namespaceResourceWhitelist: - description: NamespaceResourceWhitelist contains list of whitelisted - namespace level resources - items: - description: GroupKind specifies a Group and a Kind, but does not - force a version. This is useful for identifying concepts during - lookup stages without having partially valid types - properties: - group: - type: string - kind: - type: string - required: - - group - - kind - type: object - type: array - orphanedResources: - description: OrphanedResources specifies if controller should monitor - orphaned resources of apps in this project - properties: - ignore: - description: Ignore contains a list of resources that are to be - excluded from orphaned resources monitoring - items: - description: OrphanedResourceKey is a reference to a resource - to be ignored from - properties: - group: - type: string - kind: - type: string - name: - type: string - type: object - type: array - warn: - description: Warn indicates if warning condition should be created - for apps which have orphaned resources - type: boolean - type: object - permitOnlyProjectScopedClusters: - description: PermitOnlyProjectScopedClusters determines whether destinations - can only reference clusters which are project-scoped - type: boolean - roles: - description: Roles are user defined RBAC roles associated with this - project - items: - description: ProjectRole represents a role that has access to a - project - properties: - description: - description: Description is a description of the role - type: string - groups: - description: Groups are a list of OIDC group claims bound to - this role - items: - type: string - type: array - jwtTokens: - description: JWTTokens are a list of generated JWT tokens bound - to this role - items: - description: JWTToken holds the issuedAt and expiresAt values - of a token - properties: - exp: - format: int64 - type: integer - iat: - format: int64 - type: integer - id: - type: string - required: - - iat - type: object - type: array - name: - description: Name is a name for this role - type: string - policies: - description: Policies Stores a list of casbin formatted strings - that define access policies for the role in the project - items: - type: string - type: array - required: - - name - type: object - type: array - signatureKeys: - description: SignatureKeys contains a list of PGP key IDs that commits - in Git must be signed with in order to be allowed for sync - items: - description: SignatureKey is the specification of a key required - to verify commit signatures with - properties: - keyID: - description: The ID of the key in hexadecimal notation - type: string - required: - - keyID - type: object - type: array - sourceNamespaces: - description: SourceNamespaces defines the namespaces application resources - are allowed to be created in - items: - type: string - type: array - sourceRepos: - description: SourceRepos contains list of repository URLs which can - be used for deployment - items: - type: string - type: array - syncWindows: - description: SyncWindows controls when syncs can be run for apps in - this project - items: - description: SyncWindow contains the kind, time, duration and attributes - that are used to assign the syncWindows to apps - properties: - applications: - description: Applications contains a list of applications that - the window will apply to - items: - type: string - type: array - clusters: - description: Clusters contains a list of clusters that the window - will apply to - items: - type: string - type: array - duration: - description: Duration is the amount of time the sync window - will be open - type: string - kind: - description: Kind defines if the window allows or blocks syncs - type: string - manualSync: - description: ManualSync enables manual syncs when they would - otherwise be blocked - type: boolean - namespaces: - description: Namespaces contains a list of namespaces that the - window will apply to - items: - type: string - type: array - schedule: - description: Schedule is the time the window will begin, specified - in cron format - type: string - timeZone: - description: TimeZone of the sync that will be applied to the - schedule - type: string - type: object - type: array - type: object - status: - description: AppProjectStatus contains status information for AppProject - CRs - properties: - jwtTokensByRole: - additionalProperties: - description: JWTTokens represents a list of JWT tokens - properties: - items: - items: - description: JWTToken holds the issuedAt and expiresAt values - of a token - properties: - exp: - format: int64 - type: integer - iat: - format: int64 - type: integer - id: - type: string - required: - - iat - type: object - type: array - type: object - description: JWTTokensByRole contains a list of JWT tokens issued - for a given role - type: object - type: object - required: - - metadata - - spec - type: object - served: true - storage: true ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: application-controller - app.kubernetes.io/name: argocd-application-controller - app.kubernetes.io/part-of: argocd - name: argocd-application-controller ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: applicationset-controller - app.kubernetes.io/name: argocd-applicationset-controller - app.kubernetes.io/part-of: argocd - name: argocd-applicationset-controller ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: dex-server - app.kubernetes.io/name: argocd-dex-server - app.kubernetes.io/part-of: argocd - name: argocd-dex-server ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: notifications-controller - app.kubernetes.io/name: argocd-notifications-controller - app.kubernetes.io/part-of: argocd - name: argocd-notifications-controller ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: redis - app.kubernetes.io/name: argocd-redis - app.kubernetes.io/part-of: argocd - name: argocd-redis ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: repo-server - app.kubernetes.io/name: argocd-repo-server - app.kubernetes.io/part-of: argocd - name: argocd-repo-server ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: server - app.kubernetes.io/name: argocd-server - app.kubernetes.io/part-of: argocd - name: argocd-server ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app.kubernetes.io/component: application-controller - app.kubernetes.io/name: argocd-application-controller - app.kubernetes.io/part-of: argocd - name: argocd-application-controller -rules: -- apiGroups: - - "" - resources: - - secrets - - configmaps - verbs: - - get - - list - - watch -- apiGroups: - - argoproj.io - resources: - - applications - - appprojects - verbs: - - create - - get - - list - - watch - - update - - patch - - delete -- apiGroups: - - "" - resources: - - events - verbs: - - create - - list -- apiGroups: - - apps - resources: - - deployments - verbs: - - get - - list - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app.kubernetes.io/component: applicationset-controller - app.kubernetes.io/name: argocd-applicationset-controller - app.kubernetes.io/part-of: argocd - name: argocd-applicationset-controller -rules: -- apiGroups: - - argoproj.io - resources: - - applications - - applicationsets - - applicationsets/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - argoproj.io - resources: - - appprojects - verbs: - - get -- apiGroups: - - argoproj.io - resources: - - applicationsets/status - verbs: - - get - - patch - - update -- apiGroups: - - "" - resources: - - events - verbs: - - create - - get - - list - - patch - - watch -- apiGroups: - - "" - resources: - - secrets - - configmaps - verbs: - - get - - list - - watch -- apiGroups: - - apps - - extensions - resources: - - deployments - verbs: - - get - - list - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app.kubernetes.io/component: dex-server - app.kubernetes.io/name: argocd-dex-server - app.kubernetes.io/part-of: argocd - name: argocd-dex-server -rules: -- apiGroups: - - "" - resources: - - secrets - - configmaps - verbs: - - get - - list - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app.kubernetes.io/component: notifications-controller - app.kubernetes.io/name: argocd-notifications-controller - app.kubernetes.io/part-of: argocd - name: argocd-notifications-controller -rules: -- apiGroups: - - argoproj.io - resources: - - applications - - appprojects - verbs: - - get - - list - - watch - - update - - patch -- apiGroups: - - "" - resources: - - configmaps - - secrets - verbs: - - list - - watch -- apiGroups: - - "" - resourceNames: - - argocd-notifications-cm - resources: - - configmaps - verbs: - - get -- apiGroups: - - "" - resourceNames: - - argocd-notifications-secret - resources: - - secrets - verbs: - - get ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app.kubernetes.io/component: server - app.kubernetes.io/name: argocd-server - app.kubernetes.io/part-of: argocd - name: argocd-server -rules: -- apiGroups: - - "" - resources: - - secrets - - configmaps - verbs: - - create - - get - - list - - watch - - update - - patch - - delete -- apiGroups: - - argoproj.io - resources: - - applications - - appprojects - - applicationsets - verbs: - - create - - get - - list - - watch - - update - - delete - - patch -- apiGroups: - - "" - resources: - - events - verbs: - - create - - list ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/component: application-controller - app.kubernetes.io/name: argocd-application-controller - app.kubernetes.io/part-of: argocd - name: argocd-application-controller -rules: -- apiGroups: - - '*' - resources: - - '*' - verbs: - - '*' -- nonResourceURLs: - - '*' - verbs: - - '*' ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/component: applicationset-controller - app.kubernetes.io/name: argocd-applicationset-controller - app.kubernetes.io/part-of: argocd - name: argocd-applicationset-controller -rules: -- apiGroups: - - argoproj.io - resources: - - applications - - applicationsets - - applicationsets/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - argoproj.io - resources: - - applicationsets/status - verbs: - - get - - patch - - update -- apiGroups: - - argoproj.io - resources: - - appprojects - verbs: - - get -- apiGroups: - - "" - resources: - - events - verbs: - - create - - get - - list - - patch - - watch -- apiGroups: - - "" - resources: - - configmaps - verbs: - - create - - update - - delete - - get - - list - - patch - - watch -- apiGroups: - - "" - resources: - - secrets - verbs: - - get - - list - - watch -- apiGroups: - - apps - - extensions - resources: - - deployments - verbs: - - get - - list - - watch -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - create - - delete - - get - - list - - patch - - update - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/component: server - app.kubernetes.io/name: argocd-server - app.kubernetes.io/part-of: argocd - name: argocd-server -rules: -- apiGroups: - - '*' - resources: - - '*' - verbs: - - delete - - get - - patch -- apiGroups: - - "" - resources: - - events - verbs: - - list -- apiGroups: - - "" - resources: - - pods - - pods/log - verbs: - - get -- apiGroups: - - argoproj.io - resources: - - applications - - applicationsets - verbs: - - get - - list - - watch -- apiGroups: - - batch - resources: - - jobs - verbs: - - create -- apiGroups: - - argoproj.io - resources: - - workflows - verbs: - - create ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app.kubernetes.io/component: application-controller - app.kubernetes.io/name: argocd-application-controller - app.kubernetes.io/part-of: argocd - name: argocd-application-controller -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: argocd-application-controller -subjects: -- kind: ServiceAccount - name: argocd-application-controller ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app.kubernetes.io/component: applicationset-controller - app.kubernetes.io/name: argocd-applicationset-controller - app.kubernetes.io/part-of: argocd - name: argocd-applicationset-controller -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: argocd-applicationset-controller -subjects: -- kind: ServiceAccount - name: argocd-applicationset-controller ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app.kubernetes.io/component: dex-server - app.kubernetes.io/name: argocd-dex-server - app.kubernetes.io/part-of: argocd - name: argocd-dex-server -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: argocd-dex-server -subjects: -- kind: ServiceAccount - name: argocd-dex-server ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app.kubernetes.io/component: notifications-controller - app.kubernetes.io/name: argocd-notifications-controller - app.kubernetes.io/part-of: argocd - name: argocd-notifications-controller -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: argocd-notifications-controller -subjects: -- kind: ServiceAccount - name: argocd-notifications-controller ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app.kubernetes.io/component: server - app.kubernetes.io/name: argocd-server - app.kubernetes.io/part-of: argocd - name: argocd-server -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: argocd-server -subjects: -- kind: ServiceAccount - name: argocd-server ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app.kubernetes.io/component: application-controller - app.kubernetes.io/name: argocd-application-controller - app.kubernetes.io/part-of: argocd - name: argocd-application-controller -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: argocd-application-controller -subjects: -- kind: ServiceAccount - name: argocd-application-controller - namespace: argocd ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app.kubernetes.io/component: applicationset-controller - app.kubernetes.io/name: argocd-applicationset-controller - app.kubernetes.io/part-of: argocd - name: argocd-applicationset-controller -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: argocd-applicationset-controller -subjects: -- kind: ServiceAccount - name: argocd-applicationset-controller - namespace: argocd ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app.kubernetes.io/component: server - app.kubernetes.io/name: argocd-server - app.kubernetes.io/part-of: argocd - name: argocd-server -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: argocd-server -subjects: -- kind: ServiceAccount - name: argocd-server - namespace: argocd ---- -apiVersion: v1 -kind: ConfigMap -metadata: - labels: - app.kubernetes.io/name: argocd-cm - app.kubernetes.io/part-of: argocd - name: argocd-cm ---- -apiVersion: v1 -kind: ConfigMap -metadata: - labels: - app.kubernetes.io/name: argocd-cmd-params-cm - app.kubernetes.io/part-of: argocd - name: argocd-cmd-params-cm ---- -apiVersion: v1 -kind: ConfigMap -metadata: - labels: - app.kubernetes.io/name: argocd-gpg-keys-cm - app.kubernetes.io/part-of: argocd - name: argocd-gpg-keys-cm ---- -apiVersion: v1 -kind: ConfigMap -metadata: - labels: - app.kubernetes.io/component: notifications-controller - app.kubernetes.io/name: argocd-notifications-controller - app.kubernetes.io/part-of: argocd - name: argocd-notifications-cm ---- -apiVersion: v1 -kind: ConfigMap -metadata: - labels: - app.kubernetes.io/name: argocd-rbac-cm - app.kubernetes.io/part-of: argocd - name: argocd-rbac-cm ---- -apiVersion: v1 -data: - ssh_known_hosts: | - # This file was automatically generated by hack/update-ssh-known-hosts.sh. DO NOT EDIT - [ssh.github.com]:443 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= - [ssh.github.com]:443 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl - [ssh.github.com]:443 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk= - bitbucket.org ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPIQmuzMBuKdWeF4+a2sjSSpBK0iqitSQ+5BM9KhpexuGt20JpTVM7u5BDZngncgrqDMbWdxMWWOGtZ9UgbqgZE= - bitbucket.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIazEu89wgQZ4bqs3d63QSMzYVa0MuJ2e2gKTKqu+UUO - bitbucket.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDQeJzhupRu0u0cdegZIa8e86EG2qOCsIsD1Xw0xSeiPDlCr7kq97NLmMbpKTX6Esc30NuoqEEHCuc7yWtwp8dI76EEEB1VqY9QJq6vk+aySyboD5QF61I/1WeTwu+deCbgKMGbUijeXhtfbxSxm6JwGrXrhBdofTsbKRUsrN1WoNgUa8uqN1Vx6WAJw1JHPhglEGGHea6QICwJOAr/6mrui/oB7pkaWKHj3z7d1IC4KWLtY47elvjbaTlkN04Kc/5LFEirorGYVbt15kAUlqGM65pk6ZBxtaO3+30LVlORZkxOh+LKL/BvbZ/iRNhItLqNyieoQj/uh/7Iv4uyH/cV/0b4WDSd3DptigWq84lJubb9t/DnZlrJazxyDCulTmKdOR7vs9gMTo+uoIrPSb8ScTtvw65+odKAlBj59dhnVp9zd7QUojOpXlL62Aw56U4oO+FALuevvMjiWeavKhJqlR7i5n9srYcrNV7ttmDw7kf/97P5zauIhxcjX+xHv4M= - github.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEmKSENjQEezOmxkZMy7opKgwFB9nkt5YRrYMjNuG5N87uRgg6CLrbo5wAdT/y6v0mKV0U2w0WZ2YB/++Tpockg= - github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl - github.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk= - gitlab.com ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFSMqzJeV9rUzU4kWitGjeR4PWSa29SPqJ1fVkhtj3Hw9xjLVXVYrU9QlYWrOLXBpQ6KWjbjTDTdDkoohFzgbEY= - gitlab.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfuCHKVTjquxvt6CM6tdG4SLp1Btn/nOeHHE5UOzRdf - gitlab.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCsj2bNKTBSpIYDEGk9KxsGh3mySTRgMtXL583qmBpzeQ+jqCMRgBqB98u3z++J1sKlXHWfM9dyhSevkMwSbhoR8XIq/U0tCNyokEi/ueaBMCvbcTHhO7FcwzY92WK4Yt0aGROY5qX2UKSeOvuP4D6TPqKF1onrSzH9bx9XUf2lEdWT/ia1NEKjunUqu1xOB/StKDHMoX4/OKyIzuS0q/T1zOATthvasJFoPrAjkohTyaDUz2LN5JoH839hViyEG82yB+MjcFV5MU3N1l1QL3cVUCh93xSaua1N85qivl+siMkPGbO5xR/En4iEY6K2XPASUEMaieWVNTRCtJ4S8H+9 - ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H - vs-ssh.visualstudio.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC7Hr1oTWqNqOlzGJOfGJ4NakVyIzf1rXYd4d7wo6jBlkLvCA4odBlL0mDUyZ0/QUfTTqeu+tm22gOsv+VrVTMk6vwRU75gY/y9ut5Mb3bR5BV58dKXyq9A9UeB5Cakehn5Zgm6x1mKoVyf+FFn26iYqXJRgzIZZcZ5V6hrE0Qg39kZm4az48o0AUbf6Sp4SLdvnuMa2sVNwHBboS7EJkm57XQPVU3/QpyNLHbWDdzwtrlS+ez30S3AdYhLKEOxAG8weOnyrtLJAUen9mTkol8oII1edf7mWWbWVf0nBmly21+nZcmCTISQBtdcyPaEno7fFQMDD26/s0lfKob4Kw8H -kind: ConfigMap -metadata: - labels: - app.kubernetes.io/name: argocd-ssh-known-hosts-cm - app.kubernetes.io/part-of: argocd - name: argocd-ssh-known-hosts-cm ---- -apiVersion: v1 -kind: ConfigMap -metadata: - labels: - app.kubernetes.io/name: argocd-tls-certs-cm - app.kubernetes.io/part-of: argocd - name: argocd-tls-certs-cm ---- -apiVersion: v1 -kind: Secret -metadata: - labels: - app.kubernetes.io/component: notifications-controller - app.kubernetes.io/name: argocd-notifications-controller - app.kubernetes.io/part-of: argocd - name: argocd-notifications-secret -type: Opaque ---- -apiVersion: v1 -kind: Secret -metadata: - labels: - app.kubernetes.io/name: argocd-secret - app.kubernetes.io/part-of: argocd - name: argocd-secret -type: Opaque ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: applicationset-controller - app.kubernetes.io/name: argocd-applicationset-controller - app.kubernetes.io/part-of: argocd - name: argocd-applicationset-controller -spec: - ports: - - name: webhook - port: 7000 - protocol: TCP - targetPort: webhook - - name: metrics - port: 8080 - protocol: TCP - targetPort: metrics - selector: - app.kubernetes.io/name: argocd-applicationset-controller ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: dex-server - app.kubernetes.io/name: argocd-dex-server - app.kubernetes.io/part-of: argocd - name: argocd-dex-server -spec: - ports: - - appProtocol: TCP - name: http - port: 5556 - protocol: TCP - targetPort: 5556 - - name: grpc - port: 5557 - protocol: TCP - targetPort: 5557 - - name: metrics - port: 5558 - protocol: TCP - targetPort: 5558 - selector: - app.kubernetes.io/name: argocd-dex-server ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: metrics - app.kubernetes.io/name: argocd-metrics - app.kubernetes.io/part-of: argocd - name: argocd-metrics -spec: - ports: - - name: metrics - port: 8082 - protocol: TCP - targetPort: 8082 - selector: - app.kubernetes.io/name: argocd-application-controller ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: notifications-controller - app.kubernetes.io/name: argocd-notifications-controller-metrics - app.kubernetes.io/part-of: argocd - name: argocd-notifications-controller-metrics -spec: - ports: - - name: metrics - port: 9001 - protocol: TCP - targetPort: 9001 - selector: - app.kubernetes.io/name: argocd-notifications-controller ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: redis - app.kubernetes.io/name: argocd-redis - app.kubernetes.io/part-of: argocd - name: argocd-redis -spec: - ports: - - name: tcp-redis - port: 6379 - targetPort: 6379 - selector: - app.kubernetes.io/name: argocd-redis ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: repo-server - app.kubernetes.io/name: argocd-repo-server - app.kubernetes.io/part-of: argocd - name: argocd-repo-server -spec: - ports: - - name: server - port: 8081 - protocol: TCP - targetPort: 8081 - - name: metrics - port: 8084 - protocol: TCP - targetPort: 8084 - selector: - app.kubernetes.io/name: argocd-repo-server ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: server - app.kubernetes.io/name: argocd-server - app.kubernetes.io/part-of: argocd - name: argocd-server -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: 8080 - - name: https - port: 443 - protocol: TCP - targetPort: 8080 - selector: - app.kubernetes.io/name: argocd-server ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: server - app.kubernetes.io/name: argocd-server-metrics - app.kubernetes.io/part-of: argocd - name: argocd-server-metrics -spec: - ports: - - name: metrics - port: 8083 - protocol: TCP - targetPort: 8083 - selector: - app.kubernetes.io/name: argocd-server ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: applicationset-controller - app.kubernetes.io/name: argocd-applicationset-controller - app.kubernetes.io/part-of: argocd - name: argocd-applicationset-controller -spec: - selector: - matchLabels: - app.kubernetes.io/name: argocd-applicationset-controller - template: - metadata: - labels: - app.kubernetes.io/name: argocd-applicationset-controller - spec: - containers: - - args: - - /usr/local/bin/argocd-applicationset-controller - env: - - name: ARGOCD_APPLICATIONSET_CONTROLLER_GLOBAL_PRESERVED_ANNOTATIONS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.global.preserved.annotations - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_GLOBAL_PRESERVED_LABELS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.global.preserved.labels - name: argocd-cmd-params-cm - optional: true - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_LEADER_ELECTION - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.enable.leader.election - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER - valueFrom: - configMapKeyRef: - key: repo.server - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_POLICY - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.policy - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_POLICY_OVERRIDE - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.enable.policy.override - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_DEBUG - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.debug - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_LOGFORMAT - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.log.format - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_LOGLEVEL - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.log.level - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_DRY_RUN - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.dryrun - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_GIT_MODULES_ENABLED - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.enable.git.submodule - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_PROGRESSIVE_SYNCS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.enable.progressive.syncs - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_NEW_GIT_FILE_GLOBBING - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.enable.new.git.file.globbing - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_PLAINTEXT - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.repo.server.plaintext - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_STRICT_TLS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.repo.server.strict.tls - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_REPO_SERVER_TIMEOUT_SECONDS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.repo.server.timeout.seconds - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_CONCURRENT_RECONCILIATIONS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.concurrent.reconciliations.max - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_NAMESPACES - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.namespaces - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_SCM_ROOT_CA_PATH - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.scm.root.ca.path - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ALLOWED_SCM_PROVIDERS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.allowed.scm.providers - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_SCM_PROVIDERS - valueFrom: - configMapKeyRef: - key: applicationsetcontroller.enable.scm.providers - name: argocd-cmd-params-cm - optional: true - image: quay.io/argoproj/argocd:v2.10.3 - imagePullPolicy: Always - name: argocd-applicationset-controller - ports: - - containerPort: 7000 - name: webhook - - containerPort: 8080 - name: metrics - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /app/config/ssh - name: ssh-known-hosts - - mountPath: /app/config/tls - name: tls-certs - - mountPath: /app/config/gpg/source - name: gpg-keys - - mountPath: /app/config/gpg/keys - name: gpg-keyring - - mountPath: /tmp - name: tmp - - mountPath: /app/config/reposerver/tls - name: argocd-repo-server-tls - serviceAccountName: argocd-applicationset-controller - volumes: - - configMap: - name: argocd-ssh-known-hosts-cm - name: ssh-known-hosts - - configMap: - name: argocd-tls-certs-cm - name: tls-certs - - configMap: - name: argocd-gpg-keys-cm - name: gpg-keys - - emptyDir: {} - name: gpg-keyring - - emptyDir: {} - name: tmp - - name: argocd-repo-server-tls - secret: - items: - - key: tls.crt - path: tls.crt - - key: tls.key - path: tls.key - - key: ca.crt - path: ca.crt - optional: true - secretName: argocd-repo-server-tls ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: dex-server - app.kubernetes.io/name: argocd-dex-server - app.kubernetes.io/part-of: argocd - name: argocd-dex-server -spec: - selector: - matchLabels: - app.kubernetes.io/name: argocd-dex-server - template: - metadata: - labels: - app.kubernetes.io/name: argocd-dex-server - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/part-of: argocd - topologyKey: kubernetes.io/hostname - weight: 5 - containers: - - command: - - /shared/argocd-dex - - rundex - env: - - name: ARGOCD_DEX_SERVER_DISABLE_TLS - valueFrom: - configMapKeyRef: - key: dexserver.disable.tls - name: argocd-cmd-params-cm - optional: true - image: ghcr.io/dexidp/dex:v2.37.0 - imagePullPolicy: Always - name: dex - ports: - - containerPort: 5556 - - containerPort: 5557 - - containerPort: 5558 - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /shared - name: static-files - - mountPath: /tmp - name: dexconfig - - mountPath: /tls - name: argocd-dex-server-tls - initContainers: - - command: - - /bin/cp - - -n - - /usr/local/bin/argocd - - /shared/argocd-dex - image: quay.io/argoproj/argocd:v2.10.3 - imagePullPolicy: Always - name: copyutil - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /shared - name: static-files - - mountPath: /tmp - name: dexconfig - serviceAccountName: argocd-dex-server - volumes: - - emptyDir: {} - name: static-files - - emptyDir: {} - name: dexconfig - - name: argocd-dex-server-tls - secret: - items: - - key: tls.crt - path: tls.crt - - key: tls.key - path: tls.key - - key: ca.crt - path: ca.crt - optional: true - secretName: argocd-dex-server-tls ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: notifications-controller - app.kubernetes.io/name: argocd-notifications-controller - app.kubernetes.io/part-of: argocd - name: argocd-notifications-controller -spec: - selector: - matchLabels: - app.kubernetes.io/name: argocd-notifications-controller - strategy: - type: Recreate - template: - metadata: - labels: - app.kubernetes.io/name: argocd-notifications-controller - spec: - containers: - - args: - - /usr/local/bin/argocd-notifications - env: - - name: ARGOCD_NOTIFICATIONS_CONTROLLER_LOGFORMAT - valueFrom: - configMapKeyRef: - key: notificationscontroller.log.format - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_NOTIFICATIONS_CONTROLLER_LOGLEVEL - valueFrom: - configMapKeyRef: - key: notificationscontroller.log.level - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_NAMESPACES - valueFrom: - configMapKeyRef: - key: application.namespaces - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_NOTIFICATION_CONTROLLER_SELF_SERVICE_NOTIFICATION_ENABLED - valueFrom: - configMapKeyRef: - key: notificationscontroller.selfservice.enabled - name: argocd-cmd-params-cm - optional: true - image: quay.io/argoproj/argocd:v2.10.3 - imagePullPolicy: Always - livenessProbe: - tcpSocket: - port: 9001 - name: argocd-notifications-controller - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - volumeMounts: - - mountPath: /app/config/tls - name: tls-certs - - mountPath: /app/config/reposerver/tls - name: argocd-repo-server-tls - workingDir: /app - securityContext: - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - serviceAccountName: argocd-notifications-controller - volumes: - - configMap: - name: argocd-tls-certs-cm - name: tls-certs - - name: argocd-repo-server-tls - secret: - items: - - key: tls.crt - path: tls.crt - - key: tls.key - path: tls.key - - key: ca.crt - path: ca.crt - optional: true - secretName: argocd-repo-server-tls ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: redis - app.kubernetes.io/name: argocd-redis - app.kubernetes.io/part-of: argocd - name: argocd-redis -spec: - selector: - matchLabels: - app.kubernetes.io/name: argocd-redis - template: - metadata: - labels: - app.kubernetes.io/name: argocd-redis - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/name: argocd-redis - topologyKey: kubernetes.io/hostname - weight: 100 - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/part-of: argocd - topologyKey: kubernetes.io/hostname - weight: 5 - containers: - - args: - - --save - - "" - - --appendonly - - "no" - image: redis:7.0.14-alpine - imagePullPolicy: Always - name: redis - ports: - - containerPort: 6379 - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - securityContext: - runAsNonRoot: true - runAsUser: 999 - seccompProfile: - type: RuntimeDefault - serviceAccountName: argocd-redis ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: repo-server - app.kubernetes.io/name: argocd-repo-server - app.kubernetes.io/part-of: argocd - name: argocd-repo-server -spec: - selector: - matchLabels: - app.kubernetes.io/name: argocd-repo-server - template: - metadata: - labels: - app.kubernetes.io/name: argocd-repo-server - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/name: argocd-repo-server - topologyKey: kubernetes.io/hostname - weight: 100 - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/part-of: argocd - topologyKey: kubernetes.io/hostname - weight: 5 - automountServiceAccountToken: false - containers: - - args: - - /usr/local/bin/argocd-repo-server - env: - - name: ARGOCD_RECONCILIATION_TIMEOUT - valueFrom: - configMapKeyRef: - key: timeout.reconciliation - name: argocd-cm - optional: true - - name: ARGOCD_REPO_SERVER_LOGFORMAT - valueFrom: - configMapKeyRef: - key: reposerver.log.format - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_LOGLEVEL - valueFrom: - configMapKeyRef: - key: reposerver.log.level - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_PARALLELISM_LIMIT - valueFrom: - configMapKeyRef: - key: reposerver.parallelism.limit - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_LISTEN_ADDRESS - valueFrom: - configMapKeyRef: - key: reposerver.listen.address - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_LISTEN_METRICS_ADDRESS - valueFrom: - configMapKeyRef: - key: reposerver.metrics.listen.address - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_DISABLE_TLS - valueFrom: - configMapKeyRef: - key: reposerver.disable.tls - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_TLS_MIN_VERSION - valueFrom: - configMapKeyRef: - key: reposerver.tls.minversion - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_TLS_MAX_VERSION - valueFrom: - configMapKeyRef: - key: reposerver.tls.maxversion - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_TLS_CIPHERS - valueFrom: - configMapKeyRef: - key: reposerver.tls.ciphers - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_CACHE_EXPIRATION - valueFrom: - configMapKeyRef: - key: reposerver.repo.cache.expiration - name: argocd-cmd-params-cm - optional: true - - name: REDIS_SERVER - valueFrom: - configMapKeyRef: - key: redis.server - name: argocd-cmd-params-cm - optional: true - - name: REDIS_COMPRESSION - valueFrom: - configMapKeyRef: - key: redis.compression - name: argocd-cmd-params-cm - optional: true - - name: REDISDB - valueFrom: - configMapKeyRef: - key: redis.db - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_DEFAULT_CACHE_EXPIRATION - valueFrom: - configMapKeyRef: - key: reposerver.default.cache.expiration - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_OTLP_ADDRESS - valueFrom: - configMapKeyRef: - key: otlp.address - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_OTLP_INSECURE - valueFrom: - configMapKeyRef: - key: otlp.insecure - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_OTLP_HEADERS - valueFrom: - configMapKeyRef: - key: otlp.headers - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_MAX_COMBINED_DIRECTORY_MANIFESTS_SIZE - valueFrom: - configMapKeyRef: - key: reposerver.max.combined.directory.manifests.size - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_PLUGIN_TAR_EXCLUSIONS - valueFrom: - configMapKeyRef: - key: reposerver.plugin.tar.exclusions - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_ALLOW_OUT_OF_BOUNDS_SYMLINKS - valueFrom: - configMapKeyRef: - key: reposerver.allow.oob.symlinks - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_STREAMED_MANIFEST_MAX_TAR_SIZE - valueFrom: - configMapKeyRef: - key: reposerver.streamed.manifest.max.tar.size - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_STREAMED_MANIFEST_MAX_EXTRACTED_SIZE - valueFrom: - configMapKeyRef: - key: reposerver.streamed.manifest.max.extracted.size - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_HELM_MANIFEST_MAX_EXTRACTED_SIZE - valueFrom: - configMapKeyRef: - key: reposerver.helm.manifest.max.extracted.size - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_REPO_SERVER_DISABLE_HELM_MANIFEST_MAX_EXTRACTED_SIZE - valueFrom: - configMapKeyRef: - key: reposerver.disable.helm.manifest.max.extracted.size - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_GIT_MODULES_ENABLED - valueFrom: - configMapKeyRef: - key: reposerver.enable.git.submodule - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_GIT_LS_REMOTE_PARALLELISM_LIMIT - valueFrom: - configMapKeyRef: - key: reposerver.git.lsremote.parallelism.limit - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_GIT_REQUEST_TIMEOUT - valueFrom: - configMapKeyRef: - key: reposerver.git.request.timeout - name: argocd-cmd-params-cm - optional: true - - name: HELM_CACHE_HOME - value: /helm-working-dir - - name: HELM_CONFIG_HOME - value: /helm-working-dir - - name: HELM_DATA_HOME - value: /helm-working-dir - image: quay.io/argoproj/argocd:v2.10.3 - imagePullPolicy: Always - livenessProbe: - failureThreshold: 3 - httpGet: - path: /healthz?full=true - port: 8084 - initialDelaySeconds: 30 - periodSeconds: 30 - timeoutSeconds: 5 - name: argocd-repo-server - ports: - - containerPort: 8081 - - containerPort: 8084 - readinessProbe: - httpGet: - path: /healthz - port: 8084 - initialDelaySeconds: 5 - periodSeconds: 10 - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /app/config/ssh - name: ssh-known-hosts - - mountPath: /app/config/tls - name: tls-certs - - mountPath: /app/config/gpg/source - name: gpg-keys - - mountPath: /app/config/gpg/keys - name: gpg-keyring - - mountPath: /app/config/reposerver/tls - name: argocd-repo-server-tls - - mountPath: /tmp - name: tmp - - mountPath: /helm-working-dir - name: helm-working-dir - - mountPath: /home/argocd/cmp-server/plugins - name: plugins - initContainers: - - command: - - /bin/cp - - -n - - /usr/local/bin/argocd - - /var/run/argocd/argocd-cmp-server - image: quay.io/argoproj/argocd:v2.10.3 - name: copyutil - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /var/run/argocd - name: var-files - serviceAccountName: argocd-repo-server - volumes: - - configMap: - name: argocd-ssh-known-hosts-cm - name: ssh-known-hosts - - configMap: - name: argocd-tls-certs-cm - name: tls-certs - - configMap: - name: argocd-gpg-keys-cm - name: gpg-keys - - emptyDir: {} - name: gpg-keyring - - emptyDir: {} - name: tmp - - emptyDir: {} - name: helm-working-dir - - name: argocd-repo-server-tls - secret: - items: - - key: tls.crt - path: tls.crt - - key: tls.key - path: tls.key - - key: ca.crt - path: ca.crt - optional: true - secretName: argocd-repo-server-tls - - emptyDir: {} - name: var-files - - emptyDir: {} - name: plugins ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: server - app.kubernetes.io/name: argocd-server - app.kubernetes.io/part-of: argocd - name: argocd-server -spec: - selector: - matchLabels: - app.kubernetes.io/name: argocd-server - template: - metadata: - labels: - app.kubernetes.io/name: argocd-server - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/name: argocd-server - topologyKey: kubernetes.io/hostname - weight: 100 - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/part-of: argocd - topologyKey: kubernetes.io/hostname - weight: 5 - containers: - - args: - - /usr/local/bin/argocd-server - env: - - name: ARGOCD_SERVER_INSECURE - valueFrom: - configMapKeyRef: - key: server.insecure - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_BASEHREF - valueFrom: - configMapKeyRef: - key: server.basehref - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_ROOTPATH - valueFrom: - configMapKeyRef: - key: server.rootpath - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_LOGFORMAT - valueFrom: - configMapKeyRef: - key: server.log.format - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_LOG_LEVEL - valueFrom: - configMapKeyRef: - key: server.log.level - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_REPO_SERVER - valueFrom: - configMapKeyRef: - key: repo.server - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_DEX_SERVER - valueFrom: - configMapKeyRef: - key: server.dex.server - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_DISABLE_AUTH - valueFrom: - configMapKeyRef: - key: server.disable.auth - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_ENABLE_GZIP - valueFrom: - configMapKeyRef: - key: server.enable.gzip - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_REPO_SERVER_TIMEOUT_SECONDS - valueFrom: - configMapKeyRef: - key: server.repo.server.timeout.seconds - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_X_FRAME_OPTIONS - valueFrom: - configMapKeyRef: - key: server.x.frame.options - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_CONTENT_SECURITY_POLICY - valueFrom: - configMapKeyRef: - key: server.content.security.policy - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_REPO_SERVER_PLAINTEXT - valueFrom: - configMapKeyRef: - key: server.repo.server.plaintext - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_REPO_SERVER_STRICT_TLS - valueFrom: - configMapKeyRef: - key: server.repo.server.strict.tls - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_DEX_SERVER_PLAINTEXT - valueFrom: - configMapKeyRef: - key: server.dex.server.plaintext - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_DEX_SERVER_STRICT_TLS - valueFrom: - configMapKeyRef: - key: server.dex.server.strict.tls - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_TLS_MIN_VERSION - valueFrom: - configMapKeyRef: - key: server.tls.minversion - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_TLS_MAX_VERSION - valueFrom: - configMapKeyRef: - key: server.tls.maxversion - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_TLS_CIPHERS - valueFrom: - configMapKeyRef: - key: server.tls.ciphers - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_CONNECTION_STATUS_CACHE_EXPIRATION - valueFrom: - configMapKeyRef: - key: server.connection.status.cache.expiration - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_OIDC_CACHE_EXPIRATION - valueFrom: - configMapKeyRef: - key: server.oidc.cache.expiration - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_LOGIN_ATTEMPTS_EXPIRATION - valueFrom: - configMapKeyRef: - key: server.login.attempts.expiration - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_STATIC_ASSETS - valueFrom: - configMapKeyRef: - key: server.staticassets - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APP_STATE_CACHE_EXPIRATION - valueFrom: - configMapKeyRef: - key: server.app.state.cache.expiration - name: argocd-cmd-params-cm - optional: true - - name: REDIS_SERVER - valueFrom: - configMapKeyRef: - key: redis.server - name: argocd-cmd-params-cm - optional: true - - name: REDIS_COMPRESSION - valueFrom: - configMapKeyRef: - key: redis.compression - name: argocd-cmd-params-cm - optional: true - - name: REDISDB - valueFrom: - configMapKeyRef: - key: redis.db - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_DEFAULT_CACHE_EXPIRATION - valueFrom: - configMapKeyRef: - key: server.default.cache.expiration - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_MAX_COOKIE_NUMBER - valueFrom: - configMapKeyRef: - key: server.http.cookie.maxnumber - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_LISTEN_ADDRESS - valueFrom: - configMapKeyRef: - key: server.listen.address - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_METRICS_LISTEN_ADDRESS - valueFrom: - configMapKeyRef: - key: server.metrics.listen.address - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_OTLP_ADDRESS - valueFrom: - configMapKeyRef: - key: otlp.address - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_OTLP_INSECURE - valueFrom: - configMapKeyRef: - key: otlp.insecure - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_OTLP_HEADERS - valueFrom: - configMapKeyRef: - key: otlp.headers - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_NAMESPACES - valueFrom: - configMapKeyRef: - key: application.namespaces - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_SERVER_ENABLE_PROXY_EXTENSION - valueFrom: - configMapKeyRef: - key: server.enable.proxy.extension - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_K8SCLIENT_RETRY_MAX - valueFrom: - configMapKeyRef: - key: server.k8sclient.retry.max - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_K8SCLIENT_RETRY_BASE_BACKOFF - valueFrom: - configMapKeyRef: - key: server.k8sclient.retry.base.backoff - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_API_CONTENT_TYPES - valueFrom: - configMapKeyRef: - key: server.api.content.types - name: argocd-cmd-params-cm - optional: true - image: quay.io/argoproj/argocd:v2.10.3 - imagePullPolicy: Always - livenessProbe: - httpGet: - path: /healthz?full=true - port: 8080 - initialDelaySeconds: 3 - periodSeconds: 30 - timeoutSeconds: 5 - name: argocd-server - ports: - - containerPort: 8080 - - containerPort: 8083 - readinessProbe: - httpGet: - path: /healthz - port: 8080 - initialDelaySeconds: 3 - periodSeconds: 30 - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /app/config/ssh - name: ssh-known-hosts - - mountPath: /app/config/tls - name: tls-certs - - mountPath: /app/config/server/tls - name: argocd-repo-server-tls - - mountPath: /app/config/dex/tls - name: argocd-dex-server-tls - - mountPath: /home/argocd - name: plugins-home - - mountPath: /tmp - name: tmp - serviceAccountName: argocd-server - volumes: - - emptyDir: {} - name: plugins-home - - emptyDir: {} - name: tmp - - configMap: - name: argocd-ssh-known-hosts-cm - name: ssh-known-hosts - - configMap: - name: argocd-tls-certs-cm - name: tls-certs - - name: argocd-repo-server-tls - secret: - items: - - key: tls.crt - path: tls.crt - - key: tls.key - path: tls.key - - key: ca.crt - path: ca.crt - optional: true - secretName: argocd-repo-server-tls - - name: argocd-dex-server-tls - secret: - items: - - key: tls.crt - path: tls.crt - - key: ca.crt - path: ca.crt - optional: true - secretName: argocd-dex-server-tls ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - labels: - app.kubernetes.io/component: application-controller - app.kubernetes.io/name: argocd-application-controller - app.kubernetes.io/part-of: argocd - name: argocd-application-controller -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/name: argocd-application-controller - serviceName: argocd-application-controller - template: - metadata: - labels: - app.kubernetes.io/name: argocd-application-controller - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/name: argocd-application-controller - topologyKey: kubernetes.io/hostname - weight: 100 - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/part-of: argocd - topologyKey: kubernetes.io/hostname - weight: 5 - containers: - - args: - - /usr/local/bin/argocd-application-controller - env: - - name: ARGOCD_CONTROLLER_REPLICAS - value: "1" - - name: ARGOCD_RECONCILIATION_TIMEOUT - valueFrom: - configMapKeyRef: - key: timeout.reconciliation - name: argocd-cm - optional: true - - name: ARGOCD_HARD_RECONCILIATION_TIMEOUT - valueFrom: - configMapKeyRef: - key: timeout.hard.reconciliation - name: argocd-cm - optional: true - - name: ARGOCD_RECONCILIATION_JITTER - valueFrom: - configMapKeyRef: - key: timeout.reconciliation.jitter - name: argocd-cm - optional: true - - name: ARGOCD_REPO_ERROR_GRACE_PERIOD_SECONDS - valueFrom: - configMapKeyRef: - key: controller.repo.error.grace.period.seconds - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER - valueFrom: - configMapKeyRef: - key: repo.server - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_TIMEOUT_SECONDS - valueFrom: - configMapKeyRef: - key: controller.repo.server.timeout.seconds - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_STATUS_PROCESSORS - valueFrom: - configMapKeyRef: - key: controller.status.processors - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_OPERATION_PROCESSORS - valueFrom: - configMapKeyRef: - key: controller.operation.processors - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_LOGFORMAT - valueFrom: - configMapKeyRef: - key: controller.log.format - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_LOGLEVEL - valueFrom: - configMapKeyRef: - key: controller.log.level - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_METRICS_CACHE_EXPIRATION - valueFrom: - configMapKeyRef: - key: controller.metrics.cache.expiration - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_SELF_HEAL_TIMEOUT_SECONDS - valueFrom: - configMapKeyRef: - key: controller.self.heal.timeout.seconds - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_PLAINTEXT - valueFrom: - configMapKeyRef: - key: controller.repo.server.plaintext - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_REPO_SERVER_STRICT_TLS - valueFrom: - configMapKeyRef: - key: controller.repo.server.strict.tls - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_PERSIST_RESOURCE_HEALTH - valueFrom: - configMapKeyRef: - key: controller.resource.health.persist - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APP_STATE_CACHE_EXPIRATION - valueFrom: - configMapKeyRef: - key: controller.app.state.cache.expiration - name: argocd-cmd-params-cm - optional: true - - name: REDIS_SERVER - valueFrom: - configMapKeyRef: - key: redis.server - name: argocd-cmd-params-cm - optional: true - - name: REDIS_COMPRESSION - valueFrom: - configMapKeyRef: - key: redis.compression - name: argocd-cmd-params-cm - optional: true - - name: REDISDB - valueFrom: - configMapKeyRef: - key: redis.db - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_DEFAULT_CACHE_EXPIRATION - valueFrom: - configMapKeyRef: - key: controller.default.cache.expiration - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_OTLP_ADDRESS - valueFrom: - configMapKeyRef: - key: otlp.address - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_OTLP_INSECURE - valueFrom: - configMapKeyRef: - key: otlp.insecure - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_OTLP_HEADERS - valueFrom: - configMapKeyRef: - key: otlp.headers - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_NAMESPACES - valueFrom: - configMapKeyRef: - key: application.namespaces - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_CONTROLLER_SHARDING_ALGORITHM - valueFrom: - configMapKeyRef: - key: controller.sharding.algorithm - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_KUBECTL_PARALLELISM_LIMIT - valueFrom: - configMapKeyRef: - key: controller.kubectl.parallelism.limit - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_K8SCLIENT_RETRY_MAX - valueFrom: - configMapKeyRef: - key: controller.k8sclient.retry.max - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_K8SCLIENT_RETRY_BASE_BACKOFF - valueFrom: - configMapKeyRef: - key: controller.k8sclient.retry.base.backoff - name: argocd-cmd-params-cm - optional: true - - name: ARGOCD_APPLICATION_CONTROLLER_SERVER_SIDE_DIFF - valueFrom: - configMapKeyRef: - key: controller.diff.server.side - name: argocd-cmd-params-cm - optional: true - image: quay.io/argoproj/argocd:v2.10.3 - imagePullPolicy: Always - name: argocd-application-controller - ports: - - containerPort: 8082 - readinessProbe: - httpGet: - path: /healthz - port: 8082 - initialDelaySeconds: 5 - periodSeconds: 10 - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /app/config/controller/tls - name: argocd-repo-server-tls - - mountPath: /home/argocd - name: argocd-home - workingDir: /home/argocd - serviceAccountName: argocd-application-controller - volumes: - - emptyDir: {} - name: argocd-home - - name: argocd-repo-server-tls - secret: - items: - - key: tls.crt - path: tls.crt - - key: tls.key - path: tls.key - - key: ca.crt - path: ca.crt - optional: true - secretName: argocd-repo-server-tls ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: argocd-application-controller-network-policy -spec: - ingress: - - from: - - namespaceSelector: {} - ports: - - port: 8082 - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-application-controller - policyTypes: - - Ingress ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: argocd-applicationset-controller-network-policy -spec: - ingress: - - from: - - namespaceSelector: {} - ports: - - port: 7000 - protocol: TCP - - port: 8080 - protocol: TCP - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-applicationset-controller - policyTypes: - - Ingress ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: argocd-dex-server-network-policy -spec: - ingress: - - from: - - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-server - ports: - - port: 5556 - protocol: TCP - - port: 5557 - protocol: TCP - - from: - - namespaceSelector: {} - ports: - - port: 5558 - protocol: TCP - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-dex-server - policyTypes: - - Ingress ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - labels: - app.kubernetes.io/component: notifications-controller - app.kubernetes.io/name: argocd-notifications-controller - app.kubernetes.io/part-of: argocd - name: argocd-notifications-controller-network-policy -spec: - ingress: - - from: - - namespaceSelector: {} - ports: - - port: 9001 - protocol: TCP - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-notifications-controller - policyTypes: - - Ingress ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: argocd-redis-network-policy -spec: - egress: - - ports: - - port: 53 - protocol: UDP - - port: 53 - protocol: TCP - ingress: - - from: - - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-server - - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-repo-server - - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-application-controller - ports: - - port: 6379 - protocol: TCP - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-redis - policyTypes: - - Ingress - - Egress ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: argocd-repo-server-network-policy -spec: - ingress: - - from: - - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-server - - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-application-controller - - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-notifications-controller - - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-applicationset-controller - ports: - - port: 8081 - protocol: TCP - - from: - - namespaceSelector: {} - ports: - - port: 8084 - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-repo-server - policyTypes: - - Ingress ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: argocd-server-network-policy -spec: - ingress: - - {} - podSelector: - matchLabels: - app.kubernetes.io/name: argocd-server - policyTypes: - - Ingress diff --git a/cmd/examples/argocd/main.go b/cmd/examples/argocd/main.go deleted file mode 100644 index 2adc971..0000000 --- a/cmd/examples/argocd/main.go +++ /dev/null @@ -1,37 +0,0 @@ -package main - -import ( - _ "embed" - "encoding/json" - "fmt" - "os" - "strings" - - "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" - "k8s.io/apimachinery/pkg/util/yaml" -) - -// install.yaml downloaded from https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml - -//go:embed install.yaml -var install string - -func main() { - if err := run(); err != nil { - fmt.Fprintln(os.Stderr, err) - os.Exit(1) - } -} - -func run() error { - var resources []*unstructured.Unstructured - for _, manifest := range strings.Split(install, "\n---\n") { - var resource unstructured.Unstructured - if err := yaml.Unmarshal([]byte(manifest), &resource); err != nil { - return err - } - resources = append(resources, &resource) - } - - return json.NewEncoder(os.Stdout).Encode(resources) -} diff --git a/cmd/examples/internal/flights/argocd/6.6.0/argo-cd-6.6.0.tgz b/cmd/examples/internal/flights/argocd/6.6.0/argo-cd-6.6.0.tgz deleted file mode 100644 index 400be0b..0000000 Binary files a/cmd/examples/internal/flights/argocd/6.6.0/argo-cd-6.6.0.tgz and /dev/null differ diff --git a/cmd/examples/internal/flights/argocd/6.6.0/flight.go b/cmd/examples/internal/flights/argocd/6.6.0/flight.go deleted file mode 100644 index 52c85d3..0000000 --- a/cmd/examples/internal/flights/argocd/6.6.0/flight.go +++ /dev/null @@ -1,24 +0,0 @@ -package argocd - -import ( - _ "embed" - "fmt" - - "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" - - "github.com/yokecd/yoke/pkg/helm" -) - -//go:embed argo-cd-6.6.0.tgz -var archive []byte - -// RenderChart renders the chart downloaded from https://argoproj.github.io/argo-helm/argo-cd -// Producing version: 6.6.0 -func RenderChart(release, namespace string, values map[string]any) ([]*unstructured.Unstructured, error) { - chart, err := helm.LoadChartFromZippedArchive(archive) - if err != nil { - return nil, fmt.Errorf("failed to load chart from zipped archive: %w", err) - } - - return chart.Render(release, namespace, values) -} diff --git a/cmd/examples/internal/flights/argocd/argo-cd-6.7.2.tgz b/cmd/examples/internal/flights/argocd/argo-cd-6.7.2.tgz deleted file mode 100644 index 543e53e..0000000 Binary files a/cmd/examples/internal/flights/argocd/argo-cd-6.7.2.tgz and /dev/null differ diff --git a/cmd/examples/internal/flights/argocd/flight.go b/cmd/examples/internal/flights/argocd/flight.go deleted file mode 100644 index 8ca5c7f..0000000 --- a/cmd/examples/internal/flights/argocd/flight.go +++ /dev/null @@ -1,24 +0,0 @@ -package argocd - -import ( - _ "embed" - "fmt" - - "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" - - "github.com/yokecd/yoke/pkg/helm" -) - -//go:embed argo-cd-6.7.2.tgz -var archive []byte - -// RenderChart renders the chart downloaded from https://argoproj.github.io/argo-helm/argo-cd -// Producing version: 6.7.2 -func RenderChart(release, namespace string, values map[string]any) ([]*unstructured.Unstructured, error) { - chart, err := helm.LoadChartFromZippedArchive(archive) - if err != nil { - return nil, fmt.Errorf("failed to load chart from zipped archive: %w", err) - } - - return chart.Render(release, namespace, values) -} diff --git a/cmd/examples/internal/flights/mongodb/flight.go b/cmd/examples/internal/flights/mongodb/flight.go deleted file mode 100644 index aa1aa2e..0000000 --- a/cmd/examples/internal/flights/mongodb/flight.go +++ /dev/null @@ -1,22 +0,0 @@ -package mongodb - -import ( - _ "embed" - "fmt" - - "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" - - "github.com/yokecd/yoke/pkg/helm" -) - -//go:embed mongodb-14.13.0.tgz -var archive []byte - -func RenderChart(release, namespace string, values *Values) ([]*unstructured.Unstructured, error) { - chart, err := helm.LoadChartFromZippedArchive(archive) - if err != nil { - return nil, fmt.Errorf("failed to load chart from zipped archive: %w", err) - } - - return chart.Render(release, namespace, values) -} diff --git a/cmd/examples/internal/flights/mongodb/mongodb-14.13.0.tgz b/cmd/examples/internal/flights/mongodb/mongodb-14.13.0.tgz deleted file mode 100644 index eab6dce..0000000 Binary files a/cmd/examples/internal/flights/mongodb/mongodb-14.13.0.tgz and /dev/null differ diff --git a/cmd/examples/internal/flights/mongodb/values.go b/cmd/examples/internal/flights/mongodb/values.go deleted file mode 100644 index 05cc75d..0000000 --- a/cmd/examples/internal/flights/mongodb/values.go +++ /dev/null @@ -1,121 +0,0 @@ -// Code generated by github.com/atombender/go-jsonschema, DO NOT EDIT. - -package mongodb - -type Values struct { - // Arbiter corresponds to the JSON schema field "arbiter". - Arbiter *ValuesArbiter `json:"arbiter,omitempty" yaml:"arbiter,omitempty" mapstructure:"arbiter,omitempty"` - - // Allowed values: `standalone` or `replicaset` - Architecture *string `json:"architecture,omitempty" yaml:"architecture,omitempty" mapstructure:"architecture,omitempty"` - - // Auth corresponds to the JSON schema field "auth". - Auth *ValuesAuth `json:"auth,omitempty" yaml:"auth,omitempty" mapstructure:"auth,omitempty"` - - // Configuration corresponds to the JSON schema field "configuration". - Configuration *string `json:"configuration,omitempty" yaml:"configuration,omitempty" mapstructure:"configuration,omitempty"` - - // Metrics corresponds to the JSON schema field "metrics". - Metrics *ValuesMetrics `json:"metrics,omitempty" yaml:"metrics,omitempty" mapstructure:"metrics,omitempty"` - - // NetworkPolicy corresponds to the JSON schema field "networkPolicy". - NetworkPolicy *ValuesNetworkPolicy `json:"networkPolicy,omitempty" yaml:"networkPolicy,omitempty" mapstructure:"networkPolicy,omitempty"` - - // Persistence corresponds to the JSON schema field "persistence". - Persistence *ValuesPersistence `json:"persistence,omitempty" yaml:"persistence,omitempty" mapstructure:"persistence,omitempty"` - - // ReplicaCount corresponds to the JSON schema field "replicaCount". - ReplicaCount *int `json:"replicaCount,omitempty" yaml:"replicaCount,omitempty" mapstructure:"replicaCount,omitempty"` - - // VolumePermissions corresponds to the JSON schema field "volumePermissions". - VolumePermissions *ValuesVolumePermissions `json:"volumePermissions,omitempty" yaml:"volumePermissions,omitempty" mapstructure:"volumePermissions,omitempty"` -} - -type ValuesArbiter struct { - // Configuration corresponds to the JSON schema field "configuration". - Configuration *string `json:"configuration,omitempty" yaml:"configuration,omitempty" mapstructure:"configuration,omitempty"` -} - -type ValuesAuth struct { - // Name of the custom database to be created during the 1st initialization of - // MongoDB® - Database *string `json:"database,omitempty" yaml:"database,omitempty" mapstructure:"database,omitempty"` - - // Enabled corresponds to the JSON schema field "enabled". - Enabled *bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // Defaults to a random 10-character alphanumeric string if not set - Password *string `json:"password,omitempty" yaml:"password,omitempty" mapstructure:"password,omitempty"` - - // Defaults to a random 10-character alphanumeric string if not set - ReplicaSetKey *string `json:"replicaSetKey,omitempty" yaml:"replicaSetKey,omitempty" mapstructure:"replicaSetKey,omitempty"` - - // Defaults to a random 10-character alphanumeric string if not set - RootPassword *string `json:"rootPassword,omitempty" yaml:"rootPassword,omitempty" mapstructure:"rootPassword,omitempty"` - - // Name of the admin user. Default is root - RootUser *string `json:"rootUser,omitempty" yaml:"rootUser,omitempty" mapstructure:"rootUser,omitempty"` - - // Name of the custom user to be created during the 1st initialization of - // MongoDB®. This user only has permissions on the MongoDB® custom - // database - Username *string `json:"username,omitempty" yaml:"username,omitempty" mapstructure:"username,omitempty"` -} - -type ValuesMetrics struct { - // Create a side-car container to expose Prometheus metrics - Enabled *bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // ServiceMonitor corresponds to the JSON schema field "serviceMonitor". - ServiceMonitor *ValuesMetricsServiceMonitor `json:"serviceMonitor,omitempty" yaml:"serviceMonitor,omitempty" mapstructure:"serviceMonitor,omitempty"` -} - -type ValuesMetricsServiceMonitor struct { - // Create a ServiceMonitor to track metrics using Prometheus Operator - Enabled *bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` -} - -type ValuesNetworkPolicy struct { - // Egress corresponds to the JSON schema field "egress". - Egress *ValuesNetworkPolicyEgress `json:"egress,omitempty" yaml:"egress,omitempty" mapstructure:"egress,omitempty"` - - // Enable network policy using Kubernetes native NP - Enabled *bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // Ingress corresponds to the JSON schema field "ingress". - Ingress *ValuesNetworkPolicyIngress `json:"ingress,omitempty" yaml:"ingress,omitempty" mapstructure:"ingress,omitempty"` -} - -type ValuesNetworkPolicyEgress struct { - // CustomRules corresponds to the JSON schema field "customRules". - CustomRules []interface{} `json:"customRules,omitempty" yaml:"customRules,omitempty" mapstructure:"customRules,omitempty"` -} - -type ValuesNetworkPolicyIngress struct { - // CustomRules corresponds to the JSON schema field "customRules". - CustomRules []interface{} `json:"customRules,omitempty" yaml:"customRules,omitempty" mapstructure:"customRules,omitempty"` - - // NamespaceSelector corresponds to the JSON schema field "namespaceSelector". - NamespaceSelector ValuesNetworkPolicyIngressNamespaceSelector `json:"namespaceSelector,omitempty" yaml:"namespaceSelector,omitempty" mapstructure:"namespaceSelector,omitempty"` - - // PodSelector corresponds to the JSON schema field "podSelector". - PodSelector ValuesNetworkPolicyIngressPodSelector `json:"podSelector,omitempty" yaml:"podSelector,omitempty" mapstructure:"podSelector,omitempty"` -} - -type ValuesNetworkPolicyIngressNamespaceSelector map[string]interface{} - -type ValuesNetworkPolicyIngressPodSelector map[string]interface{} - -type ValuesPersistence struct { - // Enable persistence using Persistent Volume Claims - Enabled *bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // Size corresponds to the JSON schema field "size". - Size *string `json:"size,omitempty" yaml:"size,omitempty" mapstructure:"size,omitempty"` -} - -type ValuesVolumePermissions struct { - // Use an init container to set required folder permissions on the data volume - // before mounting it in the final destination - Enabled *bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` -} diff --git a/cmd/examples/internal/flights/postgresql/flight.go b/cmd/examples/internal/flights/postgresql/flight.go deleted file mode 100644 index 4dc2686..0000000 --- a/cmd/examples/internal/flights/postgresql/flight.go +++ /dev/null @@ -1,22 +0,0 @@ -package postgresql - -import ( - _ "embed" - "fmt" - - "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" - - "github.com/yokecd/yoke/pkg/helm" -) - -//go:embed postgresql-14.2.3.tgz -var archive []byte - -func RenderChart(release, namespace string, values *Values) ([]*unstructured.Unstructured, error) { - chart, err := helm.LoadChartFromZippedArchive(archive) - if err != nil { - return nil, fmt.Errorf("failed to load chart from zipped archive: %w", err) - } - - return chart.Render(release, namespace, values) -} diff --git a/cmd/examples/internal/flights/postgresql/postgresql-14.2.3.tgz b/cmd/examples/internal/flights/postgresql/postgresql-14.2.3.tgz deleted file mode 100644 index 49c308d..0000000 Binary files a/cmd/examples/internal/flights/postgresql/postgresql-14.2.3.tgz and /dev/null differ diff --git a/cmd/examples/internal/flights/postgresql/values.go b/cmd/examples/internal/flights/postgresql/values.go deleted file mode 100644 index 5295437..0000000 --- a/cmd/examples/internal/flights/postgresql/values.go +++ /dev/null @@ -1,1928 +0,0 @@ -// Code generated by github.com/atombender/go-jsonschema, DO NOT EDIT. - -package postgresql - -type Values struct { - // PostgreSQL architecture (`standalone` or `replication`) - Architecture string `json:"architecture,omitempty" yaml:"architecture,omitempty" mapstructure:"architecture,omitempty"` - - // Audit corresponds to the JSON schema field "audit". - Audit *ValuesAudit `json:"audit,omitempty" yaml:"audit,omitempty" mapstructure:"audit,omitempty"` - - // Auth corresponds to the JSON schema field "auth". - Auth *ValuesAuth `json:"auth,omitempty" yaml:"auth,omitempty" mapstructure:"auth,omitempty"` - - // Backup corresponds to the JSON schema field "backup". - Backup *ValuesBackup `json:"backup,omitempty" yaml:"backup,omitempty" mapstructure:"backup,omitempty"` - - // Kubernetes Cluster Domain - ClusterDomain string `json:"clusterDomain,omitempty" yaml:"clusterDomain,omitempty" mapstructure:"clusterDomain,omitempty"` - - // Add annotations to all the deployed resources - CommonAnnotations ValuesCommonAnnotations `json:"commonAnnotations,omitempty" yaml:"commonAnnotations,omitempty" mapstructure:"commonAnnotations,omitempty"` - - // Add labels to all the deployed resources - CommonLabels ValuesCommonLabels `json:"commonLabels,omitempty" yaml:"commonLabels,omitempty" mapstructure:"commonLabels,omitempty"` - - // ContainerPorts corresponds to the JSON schema field "containerPorts". - ContainerPorts *ValuesContainerPorts `json:"containerPorts,omitempty" yaml:"containerPorts,omitempty" mapstructure:"containerPorts,omitempty"` - - // DiagnosticMode corresponds to the JSON schema field "diagnosticMode". - DiagnosticMode *ValuesDiagnosticMode `json:"diagnosticMode,omitempty" yaml:"diagnosticMode,omitempty" mapstructure:"diagnosticMode,omitempty"` - - // Array of extra objects to deploy with the release (evaluated as a template) - ExtraDeploy []interface{} `json:"extraDeploy,omitempty" yaml:"extraDeploy,omitempty" mapstructure:"extraDeploy,omitempty"` - - // String to fully override common.names.fullname template - FullnameOverride string `json:"fullnameOverride,omitempty" yaml:"fullnameOverride,omitempty" mapstructure:"fullnameOverride,omitempty"` - - // Global corresponds to the JSON schema field "global". - Global *ValuesGlobal `json:"global,omitempty" yaml:"global,omitempty" mapstructure:"global,omitempty"` - - // Image corresponds to the JSON schema field "image". - Image *ValuesImage `json:"image,omitempty" yaml:"image,omitempty" mapstructure:"image,omitempty"` - - // Override Kubernetes version - KubeVersion string `json:"kubeVersion,omitempty" yaml:"kubeVersion,omitempty" mapstructure:"kubeVersion,omitempty"` - - // Ldap corresponds to the JSON schema field "ldap". - Ldap *ValuesLdap `json:"ldap,omitempty" yaml:"ldap,omitempty" mapstructure:"ldap,omitempty"` - - // Metrics corresponds to the JSON schema field "metrics". - Metrics *ValuesMetrics `json:"metrics,omitempty" yaml:"metrics,omitempty" mapstructure:"metrics,omitempty"` - - // String to partially override common.names.fullname template (will maintain the - // release name) - NameOverride string `json:"nameOverride,omitempty" yaml:"nameOverride,omitempty" mapstructure:"nameOverride,omitempty"` - - // PostgreSQL data dir folder - PostgresqlDataDir string `json:"postgresqlDataDir,omitempty" yaml:"postgresqlDataDir,omitempty" mapstructure:"postgresqlDataDir,omitempty"` - - // Shared preload libraries (comma-separated list) - PostgresqlSharedPreloadLibraries string `json:"postgresqlSharedPreloadLibraries,omitempty" yaml:"postgresqlSharedPreloadLibraries,omitempty" mapstructure:"postgresqlSharedPreloadLibraries,omitempty"` - - // Primary corresponds to the JSON schema field "primary". - Primary *ValuesPrimary `json:"primary,omitempty" yaml:"primary,omitempty" mapstructure:"primary,omitempty"` - - // Psp corresponds to the JSON schema field "psp". - Psp *ValuesPsp `json:"psp,omitempty" yaml:"psp,omitempty" mapstructure:"psp,omitempty"` - - // Rbac corresponds to the JSON schema field "rbac". - Rbac *ValuesRbac `json:"rbac,omitempty" yaml:"rbac,omitempty" mapstructure:"rbac,omitempty"` - - // ReadReplicas corresponds to the JSON schema field "readReplicas". - ReadReplicas *ValuesReadReplicas `json:"readReplicas,omitempty" yaml:"readReplicas,omitempty" mapstructure:"readReplicas,omitempty"` - - // Replication corresponds to the JSON schema field "replication". - Replication *ValuesReplication `json:"replication,omitempty" yaml:"replication,omitempty" mapstructure:"replication,omitempty"` - - // ServiceAccount corresponds to the JSON schema field "serviceAccount". - ServiceAccount *ValuesServiceAccount `json:"serviceAccount,omitempty" yaml:"serviceAccount,omitempty" mapstructure:"serviceAccount,omitempty"` - - // ServiceBindings corresponds to the JSON schema field "serviceBindings". - ServiceBindings *ValuesServiceBindings `json:"serviceBindings,omitempty" yaml:"serviceBindings,omitempty" mapstructure:"serviceBindings,omitempty"` - - // ShmVolume corresponds to the JSON schema field "shmVolume". - ShmVolume *ValuesShmVolume `json:"shmVolume,omitempty" yaml:"shmVolume,omitempty" mapstructure:"shmVolume,omitempty"` - - // Tls corresponds to the JSON schema field "tls". - Tls *ValuesTls `json:"tls,omitempty" yaml:"tls,omitempty" mapstructure:"tls,omitempty"` - - // VolumePermissions corresponds to the JSON schema field "volumePermissions". - VolumePermissions *ValuesVolumePermissions `json:"volumePermissions,omitempty" yaml:"volumePermissions,omitempty" mapstructure:"volumePermissions,omitempty"` -} - -type ValuesAudit struct { - // Message log level to share with the user - ClientMinMessages string `json:"clientMinMessages,omitempty" yaml:"clientMinMessages,omitempty" mapstructure:"clientMinMessages,omitempty"` - - // Add client log-in operations to the log file - LogConnections bool `json:"logConnections,omitempty" yaml:"logConnections,omitempty" mapstructure:"logConnections,omitempty"` - - // Add client log-outs operations to the log file - LogDisconnections bool `json:"logDisconnections,omitempty" yaml:"logDisconnections,omitempty" mapstructure:"logDisconnections,omitempty"` - - // Log client hostnames - LogHostname bool `json:"logHostname,omitempty" yaml:"logHostname,omitempty" mapstructure:"logHostname,omitempty"` - - // Template for log line prefix (default if not set) - LogLinePrefix string `json:"logLinePrefix,omitempty" yaml:"logLinePrefix,omitempty" mapstructure:"logLinePrefix,omitempty"` - - // Timezone for the log timestamps - LogTimezone string `json:"logTimezone,omitempty" yaml:"logTimezone,omitempty" mapstructure:"logTimezone,omitempty"` - - // Add operations to log using the pgAudit extension - PgAuditLog string `json:"pgAuditLog,omitempty" yaml:"pgAuditLog,omitempty" mapstructure:"pgAuditLog,omitempty"` - - // Log catalog using pgAudit - PgAuditLogCatalog string `json:"pgAuditLogCatalog,omitempty" yaml:"pgAuditLogCatalog,omitempty" mapstructure:"pgAuditLogCatalog,omitempty"` -} - -type ValuesAuth struct { - // Name for a custom database to create - Database string `json:"database,omitempty" yaml:"database,omitempty" mapstructure:"database,omitempty"` - - // Assign a password to the "postgres" admin user. Otherwise, remote access will - // be blocked for this user - EnablePostgresUser bool `json:"enablePostgresUser,omitempty" yaml:"enablePostgresUser,omitempty" mapstructure:"enablePostgresUser,omitempty"` - - // Name of existing secret to use for PostgreSQL credentials. - // `auth.postgresPassword`, `auth.password`, and `auth.replicationPassword` will - // be ignored and picked up from this secret. The secret might also contains the - // key `ldap-password` if LDAP is enabled. `ldap.bind_password` will be ignored - // and picked from this secret in this case. - ExistingSecret string `json:"existingSecret,omitempty" yaml:"existingSecret,omitempty" mapstructure:"existingSecret,omitempty"` - - // Password for the custom user to create. Ignored if `auth.existingSecret` is - // provided - Password string `json:"password,omitempty" yaml:"password,omitempty" mapstructure:"password,omitempty"` - - // Password for the "postgres" admin user. Ignored if `auth.existingSecret` is - // provided - PostgresPassword string `json:"postgresPassword,omitempty" yaml:"postgresPassword,omitempty" mapstructure:"postgresPassword,omitempty"` - - // Password for the replication user. Ignored if `auth.existingSecret` is provided - ReplicationPassword string `json:"replicationPassword,omitempty" yaml:"replicationPassword,omitempty" mapstructure:"replicationPassword,omitempty"` - - // Name of the replication user - ReplicationUsername string `json:"replicationUsername,omitempty" yaml:"replicationUsername,omitempty" mapstructure:"replicationUsername,omitempty"` - - // SecretKeys corresponds to the JSON schema field "secretKeys". - SecretKeys *ValuesAuthSecretKeys `json:"secretKeys,omitempty" yaml:"secretKeys,omitempty" mapstructure:"secretKeys,omitempty"` - - // Mount credentials as a files instead of using an environment variable - UsePasswordFiles bool `json:"usePasswordFiles,omitempty" yaml:"usePasswordFiles,omitempty" mapstructure:"usePasswordFiles,omitempty"` - - // Name for a custom user to create - Username string `json:"username,omitempty" yaml:"username,omitempty" mapstructure:"username,omitempty"` -} - -type ValuesAuthSecretKeys struct { - // Name of key in existing secret to use for PostgreSQL credentials. Only used - // when `auth.existingSecret` is set. - AdminPasswordKey string `json:"adminPasswordKey,omitempty" yaml:"adminPasswordKey,omitempty" mapstructure:"adminPasswordKey,omitempty"` - - // Name of key in existing secret to use for PostgreSQL credentials. Only used - // when `auth.existingSecret` is set. - ReplicationPasswordKey string `json:"replicationPasswordKey,omitempty" yaml:"replicationPasswordKey,omitempty" mapstructure:"replicationPasswordKey,omitempty"` - - // Name of key in existing secret to use for PostgreSQL credentials. Only used - // when `auth.existingSecret` is set. - UserPasswordKey string `json:"userPasswordKey,omitempty" yaml:"userPasswordKey,omitempty" mapstructure:"userPasswordKey,omitempty"` -} - -type ValuesBackup struct { - // Cronjob corresponds to the JSON schema field "cronjob". - Cronjob *ValuesBackupCronjob `json:"cronjob,omitempty" yaml:"cronjob,omitempty" mapstructure:"cronjob,omitempty"` - - // Enable the logical dump of the database "regularly" - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` -} - -type ValuesBackupCronjob struct { - // Set the cronjob annotations - Annotations ValuesBackupCronjobAnnotations `json:"annotations,omitempty" yaml:"annotations,omitempty" mapstructure:"annotations,omitempty"` - - // Set backup container's command to run - Command []string `json:"command,omitempty" yaml:"command,omitempty" mapstructure:"command,omitempty"` - - // Set the cronjob parameter concurrencyPolicy - ConcurrencyPolicy string `json:"concurrencyPolicy,omitempty" yaml:"concurrencyPolicy,omitempty" mapstructure:"concurrencyPolicy,omitempty"` - - // ContainerSecurityContext corresponds to the JSON schema field - // "containerSecurityContext". - ContainerSecurityContext *ValuesBackupCronjobContainerSecurityContext `json:"containerSecurityContext,omitempty" yaml:"containerSecurityContext,omitempty" mapstructure:"containerSecurityContext,omitempty"` - - // Set the cronjob parameter failedJobsHistoryLimit - FailedJobsHistoryLimit float64 `json:"failedJobsHistoryLimit,omitempty" yaml:"failedJobsHistoryLimit,omitempty" mapstructure:"failedJobsHistoryLimit,omitempty"` - - // Set the cronjob labels - Labels ValuesBackupCronjobLabels `json:"labels,omitempty" yaml:"labels,omitempty" mapstructure:"labels,omitempty"` - - // Node labels for PostgreSQL backup CronJob pod assignment - NodeSelector ValuesBackupCronjobNodeSelector `json:"nodeSelector,omitempty" yaml:"nodeSelector,omitempty" mapstructure:"nodeSelector,omitempty"` - - // PodSecurityContext corresponds to the JSON schema field "podSecurityContext". - PodSecurityContext *ValuesBackupCronjobPodSecurityContext `json:"podSecurityContext,omitempty" yaml:"podSecurityContext,omitempty" mapstructure:"podSecurityContext,omitempty"` - - // Set the cronjob parameter restartPolicy - RestartPolicy string `json:"restartPolicy,omitempty" yaml:"restartPolicy,omitempty" mapstructure:"restartPolicy,omitempty"` - - // Set the cronjob parameter schedule - Schedule string `json:"schedule,omitempty" yaml:"schedule,omitempty" mapstructure:"schedule,omitempty"` - - // Set the cronjob parameter startingDeadlineSeconds - StartingDeadlineSeconds string `json:"startingDeadlineSeconds,omitempty" yaml:"startingDeadlineSeconds,omitempty" mapstructure:"startingDeadlineSeconds,omitempty"` - - // Storage corresponds to the JSON schema field "storage". - Storage *ValuesBackupCronjobStorage `json:"storage,omitempty" yaml:"storage,omitempty" mapstructure:"storage,omitempty"` - - // Set the cronjob parameter successfulJobsHistoryLimit - SuccessfulJobsHistoryLimit float64 `json:"successfulJobsHistoryLimit,omitempty" yaml:"successfulJobsHistoryLimit,omitempty" mapstructure:"successfulJobsHistoryLimit,omitempty"` - - // Set the cronjob parameter timeZone - TimeZone string `json:"timeZone,omitempty" yaml:"timeZone,omitempty" mapstructure:"timeZone,omitempty"` - - // Set the cronjob parameter ttlSecondsAfterFinished - TtlSecondsAfterFinished string `json:"ttlSecondsAfterFinished,omitempty" yaml:"ttlSecondsAfterFinished,omitempty" mapstructure:"ttlSecondsAfterFinished,omitempty"` -} - -// Set the cronjob annotations -type ValuesBackupCronjobAnnotations map[string]interface{} - -type ValuesBackupCronjobContainerSecurityContext struct { - // Set container's Security Context allowPrivilegeEscalation - AllowPrivilegeEscalation bool `json:"allowPrivilegeEscalation,omitempty" yaml:"allowPrivilegeEscalation,omitempty" mapstructure:"allowPrivilegeEscalation,omitempty"` - - // Capabilities corresponds to the JSON schema field "capabilities". - Capabilities *ValuesBackupCronjobContainerSecurityContextCapabilities `json:"capabilities,omitempty" yaml:"capabilities,omitempty" mapstructure:"capabilities,omitempty"` - - // Enabled containers' Security Context - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // Set container's Security Context privileged - Privileged bool `json:"privileged,omitempty" yaml:"privileged,omitempty" mapstructure:"privileged,omitempty"` - - // Set container's Security Context readOnlyRootFilesystem - ReadOnlyRootFilesystem bool `json:"readOnlyRootFilesystem,omitempty" yaml:"readOnlyRootFilesystem,omitempty" mapstructure:"readOnlyRootFilesystem,omitempty"` - - // Set containers' Security Context runAsGroup - RunAsGroup float64 `json:"runAsGroup,omitempty" yaml:"runAsGroup,omitempty" mapstructure:"runAsGroup,omitempty"` - - // Set container's Security Context runAsNonRoot - RunAsNonRoot bool `json:"runAsNonRoot,omitempty" yaml:"runAsNonRoot,omitempty" mapstructure:"runAsNonRoot,omitempty"` - - // Set containers' Security Context runAsUser - RunAsUser float64 `json:"runAsUser,omitempty" yaml:"runAsUser,omitempty" mapstructure:"runAsUser,omitempty"` - - // SeccompProfile corresponds to the JSON schema field "seccompProfile". - SeccompProfile *ValuesBackupCronjobContainerSecurityContextSeccompProfile `json:"seccompProfile,omitempty" yaml:"seccompProfile,omitempty" mapstructure:"seccompProfile,omitempty"` -} - -type ValuesBackupCronjobContainerSecurityContextCapabilities struct { - // List of capabilities to be dropped - Drop []string `json:"drop,omitempty" yaml:"drop,omitempty" mapstructure:"drop,omitempty"` -} - -type ValuesBackupCronjobContainerSecurityContextSeccompProfile struct { - // Set container's Security Context seccomp profile - Type string `json:"type,omitempty" yaml:"type,omitempty" mapstructure:"type,omitempty"` -} - -// Set the cronjob labels -type ValuesBackupCronjobLabels map[string]interface{} - -// Node labels for PostgreSQL backup CronJob pod assignment -type ValuesBackupCronjobNodeSelector map[string]interface{} - -type ValuesBackupCronjobPodSecurityContext struct { - // Enable PodSecurityContext for CronJob/Backup - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // Group ID for the CronJob - FsGroup float64 `json:"fsGroup,omitempty" yaml:"fsGroup,omitempty" mapstructure:"fsGroup,omitempty"` - - // Set filesystem group change policy - FsGroupChangePolicy string `json:"fsGroupChangePolicy,omitempty" yaml:"fsGroupChangePolicy,omitempty" mapstructure:"fsGroupChangePolicy,omitempty"` - - // Set filesystem extra groups - SupplementalGroups []interface{} `json:"supplementalGroups,omitempty" yaml:"supplementalGroups,omitempty" mapstructure:"supplementalGroups,omitempty"` - - // Set kernel settings using the sysctl interface - Sysctls []interface{} `json:"sysctls,omitempty" yaml:"sysctls,omitempty" mapstructure:"sysctls,omitempty"` -} - -type ValuesBackupCronjobStorage struct { - // PV Access Mode - AccessModes []string `json:"accessModes,omitempty" yaml:"accessModes,omitempty" mapstructure:"accessModes,omitempty"` - - // PVC annotations - Annotations ValuesBackupCronjobStorageAnnotations `json:"annotations,omitempty" yaml:"annotations,omitempty" mapstructure:"annotations,omitempty"` - - // Provide an existing `PersistentVolumeClaim` (only when - // `architecture=standalone`) - ExistingClaim string `json:"existingClaim,omitempty" yaml:"existingClaim,omitempty" mapstructure:"existingClaim,omitempty"` - - // Path to mount the volume at - MountPath string `json:"mountPath,omitempty" yaml:"mountPath,omitempty" mapstructure:"mountPath,omitempty"` - - // Setting it to "keep" to avoid removing PVCs during a helm delete operation. - // Leaving it empty will delete PVCs after the chart deleted - ResourcePolicy string `json:"resourcePolicy,omitempty" yaml:"resourcePolicy,omitempty" mapstructure:"resourcePolicy,omitempty"` - - // PVC Storage Request for the backup data volume - Size string `json:"size,omitempty" yaml:"size,omitempty" mapstructure:"size,omitempty"` - - // PVC Storage Class for the backup data volume - StorageClass string `json:"storageClass,omitempty" yaml:"storageClass,omitempty" mapstructure:"storageClass,omitempty"` - - // Subdirectory of the volume to mount at - SubPath string `json:"subPath,omitempty" yaml:"subPath,omitempty" mapstructure:"subPath,omitempty"` - - // VolumeClaimTemplates corresponds to the JSON schema field - // "volumeClaimTemplates". - VolumeClaimTemplates *ValuesBackupCronjobStorageVolumeClaimTemplates `json:"volumeClaimTemplates,omitempty" yaml:"volumeClaimTemplates,omitempty" mapstructure:"volumeClaimTemplates,omitempty"` -} - -// PVC annotations -type ValuesBackupCronjobStorageAnnotations map[string]interface{} - -type ValuesBackupCronjobStorageVolumeClaimTemplates struct { - // A label query over volumes to consider for binding (e.g. when using local - // volumes) - Selector ValuesBackupCronjobStorageVolumeClaimTemplatesSelector `json:"selector,omitempty" yaml:"selector,omitempty" mapstructure:"selector,omitempty"` -} - -// A label query over volumes to consider for binding (e.g. when using local -// volumes) -type ValuesBackupCronjobStorageVolumeClaimTemplatesSelector map[string]interface{} - -// Add annotations to all the deployed resources -type ValuesCommonAnnotations map[string]interface{} - -// Add labels to all the deployed resources -type ValuesCommonLabels map[string]interface{} - -type ValuesContainerPorts struct { - // PostgreSQL container port - Postgresql float64 `json:"postgresql,omitempty" yaml:"postgresql,omitempty" mapstructure:"postgresql,omitempty"` -} - -type ValuesDiagnosticMode struct { - // Args to override all containers in the statefulset - Args []string `json:"args,omitempty" yaml:"args,omitempty" mapstructure:"args,omitempty"` - - // Command to override all containers in the statefulset - Command []string `json:"command,omitempty" yaml:"command,omitempty" mapstructure:"command,omitempty"` - - // Enable diagnostic mode (all probes will be disabled and the command will be - // overridden) - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` -} - -type ValuesGlobal struct { - // Global Docker registry secret names as an array - ImagePullSecrets []interface{} `json:"imagePullSecrets,omitempty" yaml:"imagePullSecrets,omitempty" mapstructure:"imagePullSecrets,omitempty"` - - // Global Docker image registry - ImageRegistry string `json:"imageRegistry,omitempty" yaml:"imageRegistry,omitempty" mapstructure:"imageRegistry,omitempty"` - - // Postgresql corresponds to the JSON schema field "postgresql". - Postgresql *ValuesGlobalPostgresql `json:"postgresql,omitempty" yaml:"postgresql,omitempty" mapstructure:"postgresql,omitempty"` - - // Global StorageClass for Persistent Volume(s) - StorageClass string `json:"storageClass,omitempty" yaml:"storageClass,omitempty" mapstructure:"storageClass,omitempty"` -} - -type ValuesGlobalPostgresql struct { - // Auth corresponds to the JSON schema field "auth". - Auth *ValuesGlobalPostgresqlAuth `json:"auth,omitempty" yaml:"auth,omitempty" mapstructure:"auth,omitempty"` - - // Service corresponds to the JSON schema field "service". - Service *ValuesGlobalPostgresqlService `json:"service,omitempty" yaml:"service,omitempty" mapstructure:"service,omitempty"` -} - -type ValuesGlobalPostgresqlAuth struct { - // Name for a custom database to create (overrides `auth.database`) - Database string `json:"database,omitempty" yaml:"database,omitempty" mapstructure:"database,omitempty"` - - // Name of existing secret to use for PostgreSQL credentials (overrides - // `auth.existingSecret`). - ExistingSecret string `json:"existingSecret,omitempty" yaml:"existingSecret,omitempty" mapstructure:"existingSecret,omitempty"` - - // Password for the custom user to create (overrides `auth.password`) - Password string `json:"password,omitempty" yaml:"password,omitempty" mapstructure:"password,omitempty"` - - // Password for the "postgres" admin user (overrides `auth.postgresPassword`) - PostgresPassword string `json:"postgresPassword,omitempty" yaml:"postgresPassword,omitempty" mapstructure:"postgresPassword,omitempty"` - - // SecretKeys corresponds to the JSON schema field "secretKeys". - SecretKeys *ValuesGlobalPostgresqlAuthSecretKeys `json:"secretKeys,omitempty" yaml:"secretKeys,omitempty" mapstructure:"secretKeys,omitempty"` - - // Name for a custom user to create (overrides `auth.username`) - Username string `json:"username,omitempty" yaml:"username,omitempty" mapstructure:"username,omitempty"` -} - -type ValuesGlobalPostgresqlAuthSecretKeys struct { - // Name of key in existing secret to use for PostgreSQL credentials (overrides - // `auth.secretKeys.adminPasswordKey`). Only used when - // `global.postgresql.auth.existingSecret` is set. - AdminPasswordKey string `json:"adminPasswordKey,omitempty" yaml:"adminPasswordKey,omitempty" mapstructure:"adminPasswordKey,omitempty"` - - // Name of key in existing secret to use for PostgreSQL credentials (overrides - // `auth.secretKeys.replicationPasswordKey`). Only used when - // `global.postgresql.auth.existingSecret` is set. - ReplicationPasswordKey string `json:"replicationPasswordKey,omitempty" yaml:"replicationPasswordKey,omitempty" mapstructure:"replicationPasswordKey,omitempty"` - - // Name of key in existing secret to use for PostgreSQL credentials (overrides - // `auth.secretKeys.userPasswordKey`). Only used when - // `global.postgresql.auth.existingSecret` is set. - UserPasswordKey string `json:"userPasswordKey,omitempty" yaml:"userPasswordKey,omitempty" mapstructure:"userPasswordKey,omitempty"` -} - -type ValuesGlobalPostgresqlService struct { - // Ports corresponds to the JSON schema field "ports". - Ports *ValuesGlobalPostgresqlServicePorts `json:"ports,omitempty" yaml:"ports,omitempty" mapstructure:"ports,omitempty"` -} - -type ValuesGlobalPostgresqlServicePorts struct { - // PostgreSQL service port (overrides `service.ports.postgresql`) - Postgresql string `json:"postgresql,omitempty" yaml:"postgresql,omitempty" mapstructure:"postgresql,omitempty"` -} - -type ValuesImage struct { - // Specify if debug values should be set - Debug bool `json:"debug,omitempty" yaml:"debug,omitempty" mapstructure:"debug,omitempty"` - - // PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if - // set, will override the tag - Digest string `json:"digest,omitempty" yaml:"digest,omitempty" mapstructure:"digest,omitempty"` - - // PostgreSQL image pull policy - PullPolicy string `json:"pullPolicy,omitempty" yaml:"pullPolicy,omitempty" mapstructure:"pullPolicy,omitempty"` - - // Specify image pull secrets - PullSecrets []interface{} `json:"pullSecrets,omitempty" yaml:"pullSecrets,omitempty" mapstructure:"pullSecrets,omitempty"` - - // PostgreSQL image registry - Registry string `json:"registry,omitempty" yaml:"registry,omitempty" mapstructure:"registry,omitempty"` - - // PostgreSQL image repository - Repository string `json:"repository,omitempty" yaml:"repository,omitempty" mapstructure:"repository,omitempty"` -} - -type ValuesLdap struct { - // Root DN to begin the search for the user in - Basedn string `json:"basedn,omitempty" yaml:"basedn,omitempty" mapstructure:"basedn,omitempty"` - - // DN of user to bind to LDAP - Binddn string `json:"binddn,omitempty" yaml:"binddn,omitempty" mapstructure:"binddn,omitempty"` - - // Password for the user to bind to LDAP - Bindpw string `json:"bindpw,omitempty" yaml:"bindpw,omitempty" mapstructure:"bindpw,omitempty"` - - // Enable LDAP support - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // Port number on the LDAP server to connect to - Port string `json:"port,omitempty" yaml:"port,omitempty" mapstructure:"port,omitempty"` - - // String to prepend to the user name when forming the DN to bind - Prefix string `json:"prefix,omitempty" yaml:"prefix,omitempty" mapstructure:"prefix,omitempty"` - - // Set to `ldaps` to use LDAPS - Scheme string `json:"scheme,omitempty" yaml:"scheme,omitempty" mapstructure:"scheme,omitempty"` - - // Attribute to match against the user name in the search - SearchAttribute string `json:"searchAttribute,omitempty" yaml:"searchAttribute,omitempty" mapstructure:"searchAttribute,omitempty"` - - // The search filter to use when doing search+bind authentication - SearchFilter string `json:"searchFilter,omitempty" yaml:"searchFilter,omitempty" mapstructure:"searchFilter,omitempty"` - - // IP address or name of the LDAP server. - Server string `json:"server,omitempty" yaml:"server,omitempty" mapstructure:"server,omitempty"` - - // String to append to the user name when forming the DN to bind - Suffix string `json:"suffix,omitempty" yaml:"suffix,omitempty" mapstructure:"suffix,omitempty"` - - // Tls corresponds to the JSON schema field "tls". - Tls *ValuesLdapTls `json:"tls,omitempty" yaml:"tls,omitempty" mapstructure:"tls,omitempty"` - - // LDAP URL beginning in the form `ldap[s]://host[:port]/basedn`. If provided, all - // the other LDAP parameters will be ignored. - Uri string `json:"uri,omitempty" yaml:"uri,omitempty" mapstructure:"uri,omitempty"` -} - -type ValuesLdapTls struct { - // Se to true to enable TLS encryption - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` -} - -type ValuesMetrics struct { - // Control enabled collectors - Collectors ValuesMetricsCollectors `json:"collectors,omitempty" yaml:"collectors,omitempty" mapstructure:"collectors,omitempty"` - - // ContainerPorts corresponds to the JSON schema field "containerPorts". - ContainerPorts *ValuesMetricsContainerPorts `json:"containerPorts,omitempty" yaml:"containerPorts,omitempty" mapstructure:"containerPorts,omitempty"` - - // ContainerSecurityContext corresponds to the JSON schema field - // "containerSecurityContext". - ContainerSecurityContext *ValuesMetricsContainerSecurityContext `json:"containerSecurityContext,omitempty" yaml:"containerSecurityContext,omitempty" mapstructure:"containerSecurityContext,omitempty"` - - // Custom livenessProbe that overrides the default one - CustomLivenessProbe ValuesMetricsCustomLivenessProbe `json:"customLivenessProbe,omitempty" yaml:"customLivenessProbe,omitempty" mapstructure:"customLivenessProbe,omitempty"` - - // Define additional custom metrics - CustomMetrics ValuesMetricsCustomMetrics `json:"customMetrics,omitempty" yaml:"customMetrics,omitempty" mapstructure:"customMetrics,omitempty"` - - // Custom readinessProbe that overrides the default one - CustomReadinessProbe ValuesMetricsCustomReadinessProbe `json:"customReadinessProbe,omitempty" yaml:"customReadinessProbe,omitempty" mapstructure:"customReadinessProbe,omitempty"` - - // Custom startupProbe that overrides the default one - CustomStartupProbe ValuesMetricsCustomStartupProbe `json:"customStartupProbe,omitempty" yaml:"customStartupProbe,omitempty" mapstructure:"customStartupProbe,omitempty"` - - // Start a prometheus exporter - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // Extra environment variables to add to PostgreSQL Prometheus exporter - ExtraEnvVars []interface{} `json:"extraEnvVars,omitempty" yaml:"extraEnvVars,omitempty" mapstructure:"extraEnvVars,omitempty"` - - // Image corresponds to the JSON schema field "image". - Image *ValuesMetricsImage `json:"image,omitempty" yaml:"image,omitempty" mapstructure:"image,omitempty"` - - // LivenessProbe corresponds to the JSON schema field "livenessProbe". - LivenessProbe *ValuesMetricsLivenessProbe `json:"livenessProbe,omitempty" yaml:"livenessProbe,omitempty" mapstructure:"livenessProbe,omitempty"` - - // PrometheusRule corresponds to the JSON schema field "prometheusRule". - PrometheusRule *ValuesMetricsPrometheusRule `json:"prometheusRule,omitempty" yaml:"prometheusRule,omitempty" mapstructure:"prometheusRule,omitempty"` - - // ReadinessProbe corresponds to the JSON schema field "readinessProbe". - ReadinessProbe *ValuesMetricsReadinessProbe `json:"readinessProbe,omitempty" yaml:"readinessProbe,omitempty" mapstructure:"readinessProbe,omitempty"` - - // Set container requests and limits for different resources like CPU or memory - // (essential for production workloads) - Resources ValuesMetricsResources `json:"resources,omitempty" yaml:"resources,omitempty" mapstructure:"resources,omitempty"` - - // Set container resources according to one common preset (allowed values: none, - // nano, small, medium, large, xlarge, 2xlarge). This is ignored if - // metrics.resources is set (metrics.resources is recommended for production). - ResourcesPreset string `json:"resourcesPreset,omitempty" yaml:"resourcesPreset,omitempty" mapstructure:"resourcesPreset,omitempty"` - - // Service corresponds to the JSON schema field "service". - Service *ValuesMetricsService `json:"service,omitempty" yaml:"service,omitempty" mapstructure:"service,omitempty"` - - // ServiceMonitor corresponds to the JSON schema field "serviceMonitor". - ServiceMonitor *ValuesMetricsServiceMonitor `json:"serviceMonitor,omitempty" yaml:"serviceMonitor,omitempty" mapstructure:"serviceMonitor,omitempty"` - - // StartupProbe corresponds to the JSON schema field "startupProbe". - StartupProbe *ValuesMetricsStartupProbe `json:"startupProbe,omitempty" yaml:"startupProbe,omitempty" mapstructure:"startupProbe,omitempty"` -} - -// Control enabled collectors -type ValuesMetricsCollectors map[string]interface{} - -type ValuesMetricsContainerPorts struct { - // PostgreSQL Prometheus exporter metrics container port - Metrics float64 `json:"metrics,omitempty" yaml:"metrics,omitempty" mapstructure:"metrics,omitempty"` -} - -type ValuesMetricsContainerSecurityContext struct { - // Set container's Security Context allowPrivilegeEscalation - AllowPrivilegeEscalation bool `json:"allowPrivilegeEscalation,omitempty" yaml:"allowPrivilegeEscalation,omitempty" mapstructure:"allowPrivilegeEscalation,omitempty"` - - // Capabilities corresponds to the JSON schema field "capabilities". - Capabilities *ValuesMetricsContainerSecurityContextCapabilities `json:"capabilities,omitempty" yaml:"capabilities,omitempty" mapstructure:"capabilities,omitempty"` - - // Enabled containers' Security Context - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // Set container's Security Context privileged - Privileged bool `json:"privileged,omitempty" yaml:"privileged,omitempty" mapstructure:"privileged,omitempty"` - - // Set container's Security Context readOnlyRootFilesystem - ReadOnlyRootFilesystem bool `json:"readOnlyRootFilesystem,omitempty" yaml:"readOnlyRootFilesystem,omitempty" mapstructure:"readOnlyRootFilesystem,omitempty"` - - // Set containers' Security Context runAsGroup - RunAsGroup float64 `json:"runAsGroup,omitempty" yaml:"runAsGroup,omitempty" mapstructure:"runAsGroup,omitempty"` - - // Set container's Security Context runAsNonRoot - RunAsNonRoot bool `json:"runAsNonRoot,omitempty" yaml:"runAsNonRoot,omitempty" mapstructure:"runAsNonRoot,omitempty"` - - // Set containers' Security Context runAsUser - RunAsUser float64 `json:"runAsUser,omitempty" yaml:"runAsUser,omitempty" mapstructure:"runAsUser,omitempty"` - - // SeccompProfile corresponds to the JSON schema field "seccompProfile". - SeccompProfile *ValuesMetricsContainerSecurityContextSeccompProfile `json:"seccompProfile,omitempty" yaml:"seccompProfile,omitempty" mapstructure:"seccompProfile,omitempty"` -} - -type ValuesMetricsContainerSecurityContextCapabilities struct { - // List of capabilities to be dropped - Drop []string `json:"drop,omitempty" yaml:"drop,omitempty" mapstructure:"drop,omitempty"` -} - -type ValuesMetricsContainerSecurityContextSeccompProfile struct { - // Set container's Security Context seccomp profile - Type string `json:"type,omitempty" yaml:"type,omitempty" mapstructure:"type,omitempty"` -} - -// Custom livenessProbe that overrides the default one -type ValuesMetricsCustomLivenessProbe map[string]interface{} - -// Define additional custom metrics -type ValuesMetricsCustomMetrics map[string]interface{} - -// Custom readinessProbe that overrides the default one -type ValuesMetricsCustomReadinessProbe map[string]interface{} - -// Custom startupProbe that overrides the default one -type ValuesMetricsCustomStartupProbe map[string]interface{} - -type ValuesMetricsImage struct { - // PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if - // set, will override the tag - Digest string `json:"digest,omitempty" yaml:"digest,omitempty" mapstructure:"digest,omitempty"` - - // PostgreSQL Prometheus Exporter image pull policy - PullPolicy string `json:"pullPolicy,omitempty" yaml:"pullPolicy,omitempty" mapstructure:"pullPolicy,omitempty"` - - // Specify image pull secrets - PullSecrets []interface{} `json:"pullSecrets,omitempty" yaml:"pullSecrets,omitempty" mapstructure:"pullSecrets,omitempty"` - - // PostgreSQL Prometheus Exporter image registry - Registry string `json:"registry,omitempty" yaml:"registry,omitempty" mapstructure:"registry,omitempty"` - - // PostgreSQL Prometheus Exporter image repository - Repository string `json:"repository,omitempty" yaml:"repository,omitempty" mapstructure:"repository,omitempty"` -} - -type ValuesMetricsLivenessProbe struct { - // Enable livenessProbe on PostgreSQL Prometheus exporter containers - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // Failure threshold for livenessProbe - FailureThreshold float64 `json:"failureThreshold,omitempty" yaml:"failureThreshold,omitempty" mapstructure:"failureThreshold,omitempty"` - - // Initial delay seconds for livenessProbe - InitialDelaySeconds float64 `json:"initialDelaySeconds,omitempty" yaml:"initialDelaySeconds,omitempty" mapstructure:"initialDelaySeconds,omitempty"` - - // Period seconds for livenessProbe - PeriodSeconds float64 `json:"periodSeconds,omitempty" yaml:"periodSeconds,omitempty" mapstructure:"periodSeconds,omitempty"` - - // Success threshold for livenessProbe - SuccessThreshold float64 `json:"successThreshold,omitempty" yaml:"successThreshold,omitempty" mapstructure:"successThreshold,omitempty"` - - // Timeout seconds for livenessProbe - TimeoutSeconds float64 `json:"timeoutSeconds,omitempty" yaml:"timeoutSeconds,omitempty" mapstructure:"timeoutSeconds,omitempty"` -} - -type ValuesMetricsPrometheusRule struct { - // Create a PrometheusRule for Prometheus Operator - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // Additional labels that can be used so PrometheusRule will be discovered by - // Prometheus - Labels ValuesMetricsPrometheusRuleLabels `json:"labels,omitempty" yaml:"labels,omitempty" mapstructure:"labels,omitempty"` - - // Namespace for the PrometheusRule Resource (defaults to the Release Namespace) - Namespace string `json:"namespace,omitempty" yaml:"namespace,omitempty" mapstructure:"namespace,omitempty"` - - // PrometheusRule definitions - Rules []interface{} `json:"rules,omitempty" yaml:"rules,omitempty" mapstructure:"rules,omitempty"` -} - -// Additional labels that can be used so PrometheusRule will be discovered by -// Prometheus -type ValuesMetricsPrometheusRuleLabels map[string]interface{} - -type ValuesMetricsReadinessProbe struct { - // Enable readinessProbe on PostgreSQL Prometheus exporter containers - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // Failure threshold for readinessProbe - FailureThreshold float64 `json:"failureThreshold,omitempty" yaml:"failureThreshold,omitempty" mapstructure:"failureThreshold,omitempty"` - - // Initial delay seconds for readinessProbe - InitialDelaySeconds float64 `json:"initialDelaySeconds,omitempty" yaml:"initialDelaySeconds,omitempty" mapstructure:"initialDelaySeconds,omitempty"` - - // Period seconds for readinessProbe - PeriodSeconds float64 `json:"periodSeconds,omitempty" yaml:"periodSeconds,omitempty" mapstructure:"periodSeconds,omitempty"` - - // Success threshold for readinessProbe - SuccessThreshold float64 `json:"successThreshold,omitempty" yaml:"successThreshold,omitempty" mapstructure:"successThreshold,omitempty"` - - // Timeout seconds for readinessProbe - TimeoutSeconds float64 `json:"timeoutSeconds,omitempty" yaml:"timeoutSeconds,omitempty" mapstructure:"timeoutSeconds,omitempty"` -} - -// Set container requests and limits for different resources like CPU or memory -// (essential for production workloads) -type ValuesMetricsResources map[string]interface{} - -type ValuesMetricsService struct { - // Static clusterIP or None for headless services - ClusterIP string `json:"clusterIP,omitempty" yaml:"clusterIP,omitempty" mapstructure:"clusterIP,omitempty"` - - // Ports corresponds to the JSON schema field "ports". - Ports *ValuesMetricsServicePorts `json:"ports,omitempty" yaml:"ports,omitempty" mapstructure:"ports,omitempty"` - - // Control where client requests go, to the same pod or round-robin - SessionAffinity string `json:"sessionAffinity,omitempty" yaml:"sessionAffinity,omitempty" mapstructure:"sessionAffinity,omitempty"` -} - -type ValuesMetricsServiceMonitor struct { - // Create ServiceMonitor Resource for scraping metrics using Prometheus Operator - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // Specify honorLabels parameter to add the scrape endpoint - HonorLabels bool `json:"honorLabels,omitempty" yaml:"honorLabels,omitempty" mapstructure:"honorLabels,omitempty"` - - // Interval at which metrics should be scraped. - Interval string `json:"interval,omitempty" yaml:"interval,omitempty" mapstructure:"interval,omitempty"` - - // The name of the label on the target service to use as the job name in - // prometheus. - JobLabel string `json:"jobLabel,omitempty" yaml:"jobLabel,omitempty" mapstructure:"jobLabel,omitempty"` - - // Additional labels that can be used so ServiceMonitor will be discovered by - // Prometheus - Labels ValuesMetricsServiceMonitorLabels `json:"labels,omitempty" yaml:"labels,omitempty" mapstructure:"labels,omitempty"` - - // MetricRelabelConfigs to apply to samples before ingestion - MetricRelabelings []interface{} `json:"metricRelabelings,omitempty" yaml:"metricRelabelings,omitempty" mapstructure:"metricRelabelings,omitempty"` - - // Namespace for the ServiceMonitor Resource (defaults to the Release Namespace) - Namespace string `json:"namespace,omitempty" yaml:"namespace,omitempty" mapstructure:"namespace,omitempty"` - - // RelabelConfigs to apply to samples before scraping - Relabelings []interface{} `json:"relabelings,omitempty" yaml:"relabelings,omitempty" mapstructure:"relabelings,omitempty"` - - // Timeout after which the scrape is ended - ScrapeTimeout string `json:"scrapeTimeout,omitempty" yaml:"scrapeTimeout,omitempty" mapstructure:"scrapeTimeout,omitempty"` - - // Prometheus instance selector labels - Selector ValuesMetricsServiceMonitorSelector `json:"selector,omitempty" yaml:"selector,omitempty" mapstructure:"selector,omitempty"` -} - -// Additional labels that can be used so ServiceMonitor will be discovered by -// Prometheus -type ValuesMetricsServiceMonitorLabels map[string]interface{} - -// Prometheus instance selector labels -type ValuesMetricsServiceMonitorSelector map[string]interface{} - -type ValuesMetricsServicePorts struct { - // PostgreSQL Prometheus Exporter service port - Metrics float64 `json:"metrics,omitempty" yaml:"metrics,omitempty" mapstructure:"metrics,omitempty"` -} - -type ValuesMetricsStartupProbe struct { - // Enable startupProbe on PostgreSQL Prometheus exporter containers - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // Failure threshold for startupProbe - FailureThreshold float64 `json:"failureThreshold,omitempty" yaml:"failureThreshold,omitempty" mapstructure:"failureThreshold,omitempty"` - - // Initial delay seconds for startupProbe - InitialDelaySeconds float64 `json:"initialDelaySeconds,omitempty" yaml:"initialDelaySeconds,omitempty" mapstructure:"initialDelaySeconds,omitempty"` - - // Period seconds for startupProbe - PeriodSeconds float64 `json:"periodSeconds,omitempty" yaml:"periodSeconds,omitempty" mapstructure:"periodSeconds,omitempty"` - - // Success threshold for startupProbe - SuccessThreshold float64 `json:"successThreshold,omitempty" yaml:"successThreshold,omitempty" mapstructure:"successThreshold,omitempty"` - - // Timeout seconds for startupProbe - TimeoutSeconds float64 `json:"timeoutSeconds,omitempty" yaml:"timeoutSeconds,omitempty" mapstructure:"timeoutSeconds,omitempty"` -} - -type ValuesPrimary struct { - // Affinity for PostgreSQL primary pods assignment - Affinity ValuesPrimaryAffinity `json:"affinity,omitempty" yaml:"affinity,omitempty" mapstructure:"affinity,omitempty"` - - // Annotations for PostgreSQL primary pods - Annotations ValuesPrimaryAnnotations `json:"annotations,omitempty" yaml:"annotations,omitempty" mapstructure:"annotations,omitempty"` - - // Override default container args (useful when using custom images) - Args []interface{} `json:"args,omitempty" yaml:"args,omitempty" mapstructure:"args,omitempty"` - - // Mount Service Account token in pod - AutomountServiceAccountToken bool `json:"automountServiceAccountToken,omitempty" yaml:"automountServiceAccountToken,omitempty" mapstructure:"automountServiceAccountToken,omitempty"` - - // Override default container command (useful when using custom images) - Command []interface{} `json:"command,omitempty" yaml:"command,omitempty" mapstructure:"command,omitempty"` - - // PostgreSQL Primary main configuration to be injected as ConfigMap - Configuration string `json:"configuration,omitempty" yaml:"configuration,omitempty" mapstructure:"configuration,omitempty"` - - // ContainerSecurityContext corresponds to the JSON schema field - // "containerSecurityContext". - ContainerSecurityContext *ValuesPrimaryContainerSecurityContext `json:"containerSecurityContext,omitempty" yaml:"containerSecurityContext,omitempty" mapstructure:"containerSecurityContext,omitempty"` - - // Custom livenessProbe that overrides the default one - CustomLivenessProbe ValuesPrimaryCustomLivenessProbe `json:"customLivenessProbe,omitempty" yaml:"customLivenessProbe,omitempty" mapstructure:"customLivenessProbe,omitempty"` - - // Custom readinessProbe that overrides the default one - CustomReadinessProbe ValuesPrimaryCustomReadinessProbe `json:"customReadinessProbe,omitempty" yaml:"customReadinessProbe,omitempty" mapstructure:"customReadinessProbe,omitempty"` - - // Custom startupProbe that overrides the default one - CustomStartupProbe ValuesPrimaryCustomStartupProbe `json:"customStartupProbe,omitempty" yaml:"customStartupProbe,omitempty" mapstructure:"customStartupProbe,omitempty"` - - // Name of an existing ConfigMap with PostgreSQL Primary configuration - ExistingConfigmap string `json:"existingConfigmap,omitempty" yaml:"existingConfigmap,omitempty" mapstructure:"existingConfigmap,omitempty"` - - // Name of an existing ConfigMap with PostgreSQL Primary extended configuration - ExistingExtendedConfigmap string `json:"existingExtendedConfigmap,omitempty" yaml:"existingExtendedConfigmap,omitempty" mapstructure:"existingExtendedConfigmap,omitempty"` - - // Extended PostgreSQL Primary configuration (appended to main or default - // configuration) - ExtendedConfiguration string `json:"extendedConfiguration,omitempty" yaml:"extendedConfiguration,omitempty" mapstructure:"extendedConfiguration,omitempty"` - - // Array with extra environment variables to add to PostgreSQL Primary nodes - ExtraEnvVars []interface{} `json:"extraEnvVars,omitempty" yaml:"extraEnvVars,omitempty" mapstructure:"extraEnvVars,omitempty"` - - // Name of existing ConfigMap containing extra env vars for PostgreSQL Primary - // nodes - ExtraEnvVarsCM string `json:"extraEnvVarsCM,omitempty" yaml:"extraEnvVarsCM,omitempty" mapstructure:"extraEnvVarsCM,omitempty"` - - // Name of existing Secret containing extra env vars for PostgreSQL Primary nodes - ExtraEnvVarsSecret string `json:"extraEnvVarsSecret,omitempty" yaml:"extraEnvVarsSecret,omitempty" mapstructure:"extraEnvVarsSecret,omitempty"` - - // Optionally specify extra PodSpec for the PostgreSQL Primary pod(s) - ExtraPodSpec ValuesPrimaryExtraPodSpec `json:"extraPodSpec,omitempty" yaml:"extraPodSpec,omitempty" mapstructure:"extraPodSpec,omitempty"` - - // Optionally specify extra list of additional volumeMounts for the PostgreSQL - // Primary container(s) - ExtraVolumeMounts []interface{} `json:"extraVolumeMounts,omitempty" yaml:"extraVolumeMounts,omitempty" mapstructure:"extraVolumeMounts,omitempty"` - - // Optionally specify extra list of additional volumes for the PostgreSQL Primary - // pod(s) - ExtraVolumes []interface{} `json:"extraVolumes,omitempty" yaml:"extraVolumes,omitempty" mapstructure:"extraVolumes,omitempty"` - - // PostgreSQL primary pods host aliases - HostAliases []interface{} `json:"hostAliases,omitempty" yaml:"hostAliases,omitempty" mapstructure:"hostAliases,omitempty"` - - // Specify if host IPC should be enabled for PostgreSQL pod (postgresql primary) - HostIPC bool `json:"hostIPC,omitempty" yaml:"hostIPC,omitempty" mapstructure:"hostIPC,omitempty"` - - // Specify if host network should be enabled for PostgreSQL pod (postgresql - // primary) - HostNetwork bool `json:"hostNetwork,omitempty" yaml:"hostNetwork,omitempty" mapstructure:"hostNetwork,omitempty"` - - // Add additional init containers to the PostgreSQL Primary pod(s) - InitContainers []interface{} `json:"initContainers,omitempty" yaml:"initContainers,omitempty" mapstructure:"initContainers,omitempty"` - - // Initdb corresponds to the JSON schema field "initdb". - Initdb *ValuesPrimaryInitdb `json:"initdb,omitempty" yaml:"initdb,omitempty" mapstructure:"initdb,omitempty"` - - // Map of labels to add to the statefulset (postgresql primary) - Labels ValuesPrimaryLabels `json:"labels,omitempty" yaml:"labels,omitempty" mapstructure:"labels,omitempty"` - - // for the PostgreSQL Primary container to automate configuration before or after - // startup - LifecycleHooks ValuesPrimaryLifecycleHooks `json:"lifecycleHooks,omitempty" yaml:"lifecycleHooks,omitempty" mapstructure:"lifecycleHooks,omitempty"` - - // LivenessProbe corresponds to the JSON schema field "livenessProbe". - LivenessProbe *ValuesPrimaryLivenessProbe `json:"livenessProbe,omitempty" yaml:"livenessProbe,omitempty" mapstructure:"livenessProbe,omitempty"` - - // Name of the primary database (eg primary, master, leader, ...) - Name string `json:"name,omitempty" yaml:"name,omitempty" mapstructure:"name,omitempty"` - - // NetworkPolicy corresponds to the JSON schema field "networkPolicy". - NetworkPolicy *ValuesPrimaryNetworkPolicy `json:"networkPolicy,omitempty" yaml:"networkPolicy,omitempty" mapstructure:"networkPolicy,omitempty"` - - // NodeAffinityPreset corresponds to the JSON schema field "nodeAffinityPreset". - NodeAffinityPreset *ValuesPrimaryNodeAffinityPreset `json:"nodeAffinityPreset,omitempty" yaml:"nodeAffinityPreset,omitempty" mapstructure:"nodeAffinityPreset,omitempty"` - - // Node labels for PostgreSQL primary pods assignment - NodeSelector ValuesPrimaryNodeSelector `json:"nodeSelector,omitempty" yaml:"nodeSelector,omitempty" mapstructure:"nodeSelector,omitempty"` - - // Persistence corresponds to the JSON schema field "persistence". - Persistence *ValuesPrimaryPersistence `json:"persistence,omitempty" yaml:"persistence,omitempty" mapstructure:"persistence,omitempty"` - - // PersistentVolumeClaimRetentionPolicy corresponds to the JSON schema field - // "persistentVolumeClaimRetentionPolicy". - PersistentVolumeClaimRetentionPolicy *ValuesPrimaryPersistentVolumeClaimRetentionPolicy `json:"persistentVolumeClaimRetentionPolicy,omitempty" yaml:"persistentVolumeClaimRetentionPolicy,omitempty" mapstructure:"persistentVolumeClaimRetentionPolicy,omitempty"` - - // PostgreSQL Primary client authentication configuration - PgHbaConfiguration string `json:"pgHbaConfiguration,omitempty" yaml:"pgHbaConfiguration,omitempty" mapstructure:"pgHbaConfiguration,omitempty"` - - // PostgreSQL primary pod affinity preset. Ignored if `primary.affinity` is set. - // Allowed values: `soft` or `hard` - PodAffinityPreset string `json:"podAffinityPreset,omitempty" yaml:"podAffinityPreset,omitempty" mapstructure:"podAffinityPreset,omitempty"` - - // Map of annotations to add to the pods (postgresql primary) - PodAnnotations ValuesPrimaryPodAnnotations `json:"podAnnotations,omitempty" yaml:"podAnnotations,omitempty" mapstructure:"podAnnotations,omitempty"` - - // PostgreSQL primary pod anti-affinity preset. Ignored if `primary.affinity` is - // set. Allowed values: `soft` or `hard` - PodAntiAffinityPreset string `json:"podAntiAffinityPreset,omitempty" yaml:"podAntiAffinityPreset,omitempty" mapstructure:"podAntiAffinityPreset,omitempty"` - - // Map of labels to add to the pods (postgresql primary) - PodLabels ValuesPrimaryPodLabels `json:"podLabels,omitempty" yaml:"podLabels,omitempty" mapstructure:"podLabels,omitempty"` - - // PodSecurityContext corresponds to the JSON schema field "podSecurityContext". - PodSecurityContext *ValuesPrimaryPodSecurityContext `json:"podSecurityContext,omitempty" yaml:"podSecurityContext,omitempty" mapstructure:"podSecurityContext,omitempty"` - - // Priority Class to use for each pod (postgresql primary) - PriorityClassName string `json:"priorityClassName,omitempty" yaml:"priorityClassName,omitempty" mapstructure:"priorityClassName,omitempty"` - - // ReadinessProbe corresponds to the JSON schema field "readinessProbe". - ReadinessProbe *ValuesPrimaryReadinessProbe `json:"readinessProbe,omitempty" yaml:"readinessProbe,omitempty" mapstructure:"readinessProbe,omitempty"` - - // Set container requests and limits for different resources like CPU or memory - // (essential for production workloads) - Resources ValuesPrimaryResources `json:"resources,omitempty" yaml:"resources,omitempty" mapstructure:"resources,omitempty"` - - // Set container resources according to one common preset (allowed values: none, - // nano, small, medium, large, xlarge, 2xlarge). This is ignored if - // primary.resources is set (primary.resources is recommended for production). - ResourcesPreset string `json:"resourcesPreset,omitempty" yaml:"resourcesPreset,omitempty" mapstructure:"resourcesPreset,omitempty"` - - // Use an alternate scheduler, e.g. "stork". - SchedulerName string `json:"schedulerName,omitempty" yaml:"schedulerName,omitempty" mapstructure:"schedulerName,omitempty"` - - // Service corresponds to the JSON schema field "service". - Service *ValuesPrimaryService `json:"service,omitempty" yaml:"service,omitempty" mapstructure:"service,omitempty"` - - // Add additional sidecar containers to the PostgreSQL Primary pod(s) - Sidecars []interface{} `json:"sidecars,omitempty" yaml:"sidecars,omitempty" mapstructure:"sidecars,omitempty"` - - // Standby corresponds to the JSON schema field "standby". - Standby *ValuesPrimaryStandby `json:"standby,omitempty" yaml:"standby,omitempty" mapstructure:"standby,omitempty"` - - // StartupProbe corresponds to the JSON schema field "startupProbe". - StartupProbe *ValuesPrimaryStartupProbe `json:"startupProbe,omitempty" yaml:"startupProbe,omitempty" mapstructure:"startupProbe,omitempty"` - - // Seconds PostgreSQL primary pod needs to terminate gracefully - TerminationGracePeriodSeconds string `json:"terminationGracePeriodSeconds,omitempty" yaml:"terminationGracePeriodSeconds,omitempty" mapstructure:"terminationGracePeriodSeconds,omitempty"` - - // Tolerations for PostgreSQL primary pods assignment - Tolerations []interface{} `json:"tolerations,omitempty" yaml:"tolerations,omitempty" mapstructure:"tolerations,omitempty"` - - // Topology Spread Constraints for pod assignment spread across your cluster among - // failure-domains. Evaluated as a template - TopologySpreadConstraints []interface{} `json:"topologySpreadConstraints,omitempty" yaml:"topologySpreadConstraints,omitempty" mapstructure:"topologySpreadConstraints,omitempty"` - - // UpdateStrategy corresponds to the JSON schema field "updateStrategy". - UpdateStrategy *ValuesPrimaryUpdateStrategy `json:"updateStrategy,omitempty" yaml:"updateStrategy,omitempty" mapstructure:"updateStrategy,omitempty"` -} - -// Affinity for PostgreSQL primary pods assignment -type ValuesPrimaryAffinity map[string]interface{} - -// Annotations for PostgreSQL primary pods -type ValuesPrimaryAnnotations map[string]interface{} - -type ValuesPrimaryContainerSecurityContext struct { - // Set container's Security Context allowPrivilegeEscalation - AllowPrivilegeEscalation bool `json:"allowPrivilegeEscalation,omitempty" yaml:"allowPrivilegeEscalation,omitempty" mapstructure:"allowPrivilegeEscalation,omitempty"` - - // Capabilities corresponds to the JSON schema field "capabilities". - Capabilities *ValuesPrimaryContainerSecurityContextCapabilities `json:"capabilities,omitempty" yaml:"capabilities,omitempty" mapstructure:"capabilities,omitempty"` - - // Enabled containers' Security Context - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // Set container's Security Context privileged - Privileged bool `json:"privileged,omitempty" yaml:"privileged,omitempty" mapstructure:"privileged,omitempty"` - - // Set container's Security Context readOnlyRootFilesystem - ReadOnlyRootFilesystem bool `json:"readOnlyRootFilesystem,omitempty" yaml:"readOnlyRootFilesystem,omitempty" mapstructure:"readOnlyRootFilesystem,omitempty"` - - // Set containers' Security Context runAsGroup - RunAsGroup float64 `json:"runAsGroup,omitempty" yaml:"runAsGroup,omitempty" mapstructure:"runAsGroup,omitempty"` - - // Set container's Security Context runAsNonRoot - RunAsNonRoot bool `json:"runAsNonRoot,omitempty" yaml:"runAsNonRoot,omitempty" mapstructure:"runAsNonRoot,omitempty"` - - // Set containers' Security Context runAsUser - RunAsUser float64 `json:"runAsUser,omitempty" yaml:"runAsUser,omitempty" mapstructure:"runAsUser,omitempty"` - - // SeccompProfile corresponds to the JSON schema field "seccompProfile". - SeccompProfile *ValuesPrimaryContainerSecurityContextSeccompProfile `json:"seccompProfile,omitempty" yaml:"seccompProfile,omitempty" mapstructure:"seccompProfile,omitempty"` -} - -type ValuesPrimaryContainerSecurityContextCapabilities struct { - // List of capabilities to be dropped - Drop []string `json:"drop,omitempty" yaml:"drop,omitempty" mapstructure:"drop,omitempty"` -} - -type ValuesPrimaryContainerSecurityContextSeccompProfile struct { - // Set container's Security Context seccomp profile - Type string `json:"type,omitempty" yaml:"type,omitempty" mapstructure:"type,omitempty"` -} - -// Custom livenessProbe that overrides the default one -type ValuesPrimaryCustomLivenessProbe map[string]interface{} - -// Custom readinessProbe that overrides the default one -type ValuesPrimaryCustomReadinessProbe map[string]interface{} - -// Custom startupProbe that overrides the default one -type ValuesPrimaryCustomStartupProbe map[string]interface{} - -// Optionally specify extra PodSpec for the PostgreSQL Primary pod(s) -type ValuesPrimaryExtraPodSpec map[string]interface{} - -type ValuesPrimaryInitdb struct { - // PostgreSQL initdb extra arguments - Args string `json:"args,omitempty" yaml:"args,omitempty" mapstructure:"args,omitempty"` - - // Specify the PostgreSQL password to execute the initdb scripts - Password string `json:"password,omitempty" yaml:"password,omitempty" mapstructure:"password,omitempty"` - - // Specify a custom location for the PostgreSQL transaction log - PostgresqlWalDir string `json:"postgresqlWalDir,omitempty" yaml:"postgresqlWalDir,omitempty" mapstructure:"postgresqlWalDir,omitempty"` - - // Dictionary of initdb scripts - Scripts ValuesPrimaryInitdbScripts `json:"scripts,omitempty" yaml:"scripts,omitempty" mapstructure:"scripts,omitempty"` - - // ConfigMap with scripts to be run at first boot - ScriptsConfigMap string `json:"scriptsConfigMap,omitempty" yaml:"scriptsConfigMap,omitempty" mapstructure:"scriptsConfigMap,omitempty"` - - // Secret with scripts to be run at first boot (in case it contains sensitive - // information) - ScriptsSecret string `json:"scriptsSecret,omitempty" yaml:"scriptsSecret,omitempty" mapstructure:"scriptsSecret,omitempty"` - - // Specify the PostgreSQL username to execute the initdb scripts - User string `json:"user,omitempty" yaml:"user,omitempty" mapstructure:"user,omitempty"` -} - -// Dictionary of initdb scripts -type ValuesPrimaryInitdbScripts map[string]interface{} - -// Map of labels to add to the statefulset (postgresql primary) -type ValuesPrimaryLabels map[string]interface{} - -// for the PostgreSQL Primary container to automate configuration before or after -// startup -type ValuesPrimaryLifecycleHooks map[string]interface{} - -type ValuesPrimaryLivenessProbe struct { - // Enable livenessProbe on PostgreSQL Primary containers - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // Failure threshold for livenessProbe - FailureThreshold float64 `json:"failureThreshold,omitempty" yaml:"failureThreshold,omitempty" mapstructure:"failureThreshold,omitempty"` - - // Initial delay seconds for livenessProbe - InitialDelaySeconds float64 `json:"initialDelaySeconds,omitempty" yaml:"initialDelaySeconds,omitempty" mapstructure:"initialDelaySeconds,omitempty"` - - // Period seconds for livenessProbe - PeriodSeconds float64 `json:"periodSeconds,omitempty" yaml:"periodSeconds,omitempty" mapstructure:"periodSeconds,omitempty"` - - // Success threshold for livenessProbe - SuccessThreshold float64 `json:"successThreshold,omitempty" yaml:"successThreshold,omitempty" mapstructure:"successThreshold,omitempty"` - - // Timeout seconds for livenessProbe - TimeoutSeconds float64 `json:"timeoutSeconds,omitempty" yaml:"timeoutSeconds,omitempty" mapstructure:"timeoutSeconds,omitempty"` -} - -type ValuesPrimaryNetworkPolicy struct { - // Don't require server label for connections - AllowExternal bool `json:"allowExternal,omitempty" yaml:"allowExternal,omitempty" mapstructure:"allowExternal,omitempty"` - - // Allow the pod to access any range of port and all destinations. - AllowExternalEgress bool `json:"allowExternalEgress,omitempty" yaml:"allowExternalEgress,omitempty" mapstructure:"allowExternalEgress,omitempty"` - - // Specifies whether a NetworkPolicy should be created - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // Add extra ingress rules to the NetworkPolicy - ExtraEgress []string `json:"extraEgress,omitempty" yaml:"extraEgress,omitempty" mapstructure:"extraEgress,omitempty"` - - // Add extra ingress rules to the NetworkPolice - ExtraIngress []string `json:"extraIngress,omitempty" yaml:"extraIngress,omitempty" mapstructure:"extraIngress,omitempty"` -} - -type ValuesPrimaryNodeAffinityPreset struct { - // PostgreSQL primary node label key to match Ignored if `primary.affinity` is - // set. - Key string `json:"key,omitempty" yaml:"key,omitempty" mapstructure:"key,omitempty"` - - // PostgreSQL primary node affinity preset type. Ignored if `primary.affinity` is - // set. Allowed values: `soft` or `hard` - Type string `json:"type,omitempty" yaml:"type,omitempty" mapstructure:"type,omitempty"` - - // PostgreSQL primary node label values to match. Ignored if `primary.affinity` is - // set. - Values []interface{} `json:"values,omitempty" yaml:"values,omitempty" mapstructure:"values,omitempty"` -} - -// Node labels for PostgreSQL primary pods assignment -type ValuesPrimaryNodeSelector map[string]interface{} - -type ValuesPrimaryPersistence struct { - // PVC Access Mode for PostgreSQL volume - AccessModes []string `json:"accessModes,omitempty" yaml:"accessModes,omitempty" mapstructure:"accessModes,omitempty"` - - // Annotations for the PVC - Annotations ValuesPrimaryPersistenceAnnotations `json:"annotations,omitempty" yaml:"annotations,omitempty" mapstructure:"annotations,omitempty"` - - // Custom PVC data source - DataSource ValuesPrimaryPersistenceDataSource `json:"dataSource,omitempty" yaml:"dataSource,omitempty" mapstructure:"dataSource,omitempty"` - - // Enable PostgreSQL Primary data persistence using PVC - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // Name of an existing PVC to use - ExistingClaim string `json:"existingClaim,omitempty" yaml:"existingClaim,omitempty" mapstructure:"existingClaim,omitempty"` - - // Labels for the PVC - Labels ValuesPrimaryPersistenceLabels `json:"labels,omitempty" yaml:"labels,omitempty" mapstructure:"labels,omitempty"` - - // The path the volume will be mounted at - MountPath string `json:"mountPath,omitempty" yaml:"mountPath,omitempty" mapstructure:"mountPath,omitempty"` - - // Selector to match an existing Persistent Volume (this value is evaluated as a - // template) - Selector ValuesPrimaryPersistenceSelector `json:"selector,omitempty" yaml:"selector,omitempty" mapstructure:"selector,omitempty"` - - // PVC Storage Request for PostgreSQL volume - Size string `json:"size,omitempty" yaml:"size,omitempty" mapstructure:"size,omitempty"` - - // PVC Storage Class for PostgreSQL Primary data volume - StorageClass string `json:"storageClass,omitempty" yaml:"storageClass,omitempty" mapstructure:"storageClass,omitempty"` - - // The subdirectory of the volume to mount to - SubPath string `json:"subPath,omitempty" yaml:"subPath,omitempty" mapstructure:"subPath,omitempty"` -} - -// Annotations for the PVC -type ValuesPrimaryPersistenceAnnotations map[string]interface{} - -// Custom PVC data source -type ValuesPrimaryPersistenceDataSource map[string]interface{} - -// Labels for the PVC -type ValuesPrimaryPersistenceLabels map[string]interface{} - -// Selector to match an existing Persistent Volume (this value is evaluated as a -// template) -type ValuesPrimaryPersistenceSelector map[string]interface{} - -type ValuesPrimaryPersistentVolumeClaimRetentionPolicy struct { - // Enable Persistent volume retention policy for Primary Statefulset - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // Volume retention behavior that applies when the StatefulSet is deleted - WhenDeleted string `json:"whenDeleted,omitempty" yaml:"whenDeleted,omitempty" mapstructure:"whenDeleted,omitempty"` - - // Volume retention behavior when the replica count of the StatefulSet is reduced - WhenScaled string `json:"whenScaled,omitempty" yaml:"whenScaled,omitempty" mapstructure:"whenScaled,omitempty"` -} - -// Map of annotations to add to the pods (postgresql primary) -type ValuesPrimaryPodAnnotations map[string]interface{} - -// Map of labels to add to the pods (postgresql primary) -type ValuesPrimaryPodLabels map[string]interface{} - -type ValuesPrimaryPodSecurityContext struct { - // Enable security context - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // Group ID for the pod - FsGroup float64 `json:"fsGroup,omitempty" yaml:"fsGroup,omitempty" mapstructure:"fsGroup,omitempty"` - - // Set filesystem group change policy - FsGroupChangePolicy string `json:"fsGroupChangePolicy,omitempty" yaml:"fsGroupChangePolicy,omitempty" mapstructure:"fsGroupChangePolicy,omitempty"` - - // Set filesystem extra groups - SupplementalGroups []interface{} `json:"supplementalGroups,omitempty" yaml:"supplementalGroups,omitempty" mapstructure:"supplementalGroups,omitempty"` - - // Set kernel settings using the sysctl interface - Sysctls []interface{} `json:"sysctls,omitempty" yaml:"sysctls,omitempty" mapstructure:"sysctls,omitempty"` -} - -type ValuesPrimaryReadinessProbe struct { - // Enable readinessProbe on PostgreSQL Primary containers - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // Failure threshold for readinessProbe - FailureThreshold float64 `json:"failureThreshold,omitempty" yaml:"failureThreshold,omitempty" mapstructure:"failureThreshold,omitempty"` - - // Initial delay seconds for readinessProbe - InitialDelaySeconds float64 `json:"initialDelaySeconds,omitempty" yaml:"initialDelaySeconds,omitempty" mapstructure:"initialDelaySeconds,omitempty"` - - // Period seconds for readinessProbe - PeriodSeconds float64 `json:"periodSeconds,omitempty" yaml:"periodSeconds,omitempty" mapstructure:"periodSeconds,omitempty"` - - // Success threshold for readinessProbe - SuccessThreshold float64 `json:"successThreshold,omitempty" yaml:"successThreshold,omitempty" mapstructure:"successThreshold,omitempty"` - - // Timeout seconds for readinessProbe - TimeoutSeconds float64 `json:"timeoutSeconds,omitempty" yaml:"timeoutSeconds,omitempty" mapstructure:"timeoutSeconds,omitempty"` -} - -// Set container requests and limits for different resources like CPU or memory -// (essential for production workloads) -type ValuesPrimaryResources map[string]interface{} - -type ValuesPrimaryService struct { - // Annotations for PostgreSQL primary service - Annotations ValuesPrimaryServiceAnnotations `json:"annotations,omitempty" yaml:"annotations,omitempty" mapstructure:"annotations,omitempty"` - - // Static clusterIP or None for headless services - ClusterIP string `json:"clusterIP,omitempty" yaml:"clusterIP,omitempty" mapstructure:"clusterIP,omitempty"` - - // Enable client source IP preservation - ExternalTrafficPolicy string `json:"externalTrafficPolicy,omitempty" yaml:"externalTrafficPolicy,omitempty" mapstructure:"externalTrafficPolicy,omitempty"` - - // Extra ports to expose in the PostgreSQL primary service - ExtraPorts []interface{} `json:"extraPorts,omitempty" yaml:"extraPorts,omitempty" mapstructure:"extraPorts,omitempty"` - - // Headless corresponds to the JSON schema field "headless". - Headless *ValuesPrimaryServiceHeadless `json:"headless,omitempty" yaml:"headless,omitempty" mapstructure:"headless,omitempty"` - - // Load balancer IP if service type is `LoadBalancer` - LoadBalancerIP string `json:"loadBalancerIP,omitempty" yaml:"loadBalancerIP,omitempty" mapstructure:"loadBalancerIP,omitempty"` - - // Addresses that are allowed when service is LoadBalancer - LoadBalancerSourceRanges []interface{} `json:"loadBalancerSourceRanges,omitempty" yaml:"loadBalancerSourceRanges,omitempty" mapstructure:"loadBalancerSourceRanges,omitempty"` - - // NodePorts corresponds to the JSON schema field "nodePorts". - NodePorts *ValuesPrimaryServiceNodePorts `json:"nodePorts,omitempty" yaml:"nodePorts,omitempty" mapstructure:"nodePorts,omitempty"` - - // Ports corresponds to the JSON schema field "ports". - Ports *ValuesPrimaryServicePorts `json:"ports,omitempty" yaml:"ports,omitempty" mapstructure:"ports,omitempty"` - - // Session Affinity for Kubernetes service, can be "None" or "ClientIP" - SessionAffinity string `json:"sessionAffinity,omitempty" yaml:"sessionAffinity,omitempty" mapstructure:"sessionAffinity,omitempty"` - - // Additional settings for the sessionAffinity - SessionAffinityConfig ValuesPrimaryServiceSessionAffinityConfig `json:"sessionAffinityConfig,omitempty" yaml:"sessionAffinityConfig,omitempty" mapstructure:"sessionAffinityConfig,omitempty"` - - // Kubernetes Service type - Type string `json:"type,omitempty" yaml:"type,omitempty" mapstructure:"type,omitempty"` -} - -// Annotations for PostgreSQL primary service -type ValuesPrimaryServiceAnnotations map[string]interface{} - -type ValuesPrimaryServiceHeadless struct { - // Additional custom annotations for headless PostgreSQL primary service - Annotations ValuesPrimaryServiceHeadlessAnnotations `json:"annotations,omitempty" yaml:"annotations,omitempty" mapstructure:"annotations,omitempty"` -} - -// Additional custom annotations for headless PostgreSQL primary service -type ValuesPrimaryServiceHeadlessAnnotations map[string]interface{} - -type ValuesPrimaryServiceNodePorts struct { - // Node port for PostgreSQL - Postgresql string `json:"postgresql,omitempty" yaml:"postgresql,omitempty" mapstructure:"postgresql,omitempty"` -} - -type ValuesPrimaryServicePorts struct { - // PostgreSQL service port - Postgresql float64 `json:"postgresql,omitempty" yaml:"postgresql,omitempty" mapstructure:"postgresql,omitempty"` -} - -// Additional settings for the sessionAffinity -type ValuesPrimaryServiceSessionAffinityConfig map[string]interface{} - -type ValuesPrimaryStandby struct { - // Whether to enable current cluster's primary as standby server of another - // cluster or not - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // The Host of replication primary in the other cluster - PrimaryHost string `json:"primaryHost,omitempty" yaml:"primaryHost,omitempty" mapstructure:"primaryHost,omitempty"` - - // The Port of replication primary in the other cluster - PrimaryPort string `json:"primaryPort,omitempty" yaml:"primaryPort,omitempty" mapstructure:"primaryPort,omitempty"` -} - -type ValuesPrimaryStartupProbe struct { - // Enable startupProbe on PostgreSQL Primary containers - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // Failure threshold for startupProbe - FailureThreshold float64 `json:"failureThreshold,omitempty" yaml:"failureThreshold,omitempty" mapstructure:"failureThreshold,omitempty"` - - // Initial delay seconds for startupProbe - InitialDelaySeconds float64 `json:"initialDelaySeconds,omitempty" yaml:"initialDelaySeconds,omitempty" mapstructure:"initialDelaySeconds,omitempty"` - - // Period seconds for startupProbe - PeriodSeconds float64 `json:"periodSeconds,omitempty" yaml:"periodSeconds,omitempty" mapstructure:"periodSeconds,omitempty"` - - // Success threshold for startupProbe - SuccessThreshold float64 `json:"successThreshold,omitempty" yaml:"successThreshold,omitempty" mapstructure:"successThreshold,omitempty"` - - // Timeout seconds for startupProbe - TimeoutSeconds float64 `json:"timeoutSeconds,omitempty" yaml:"timeoutSeconds,omitempty" mapstructure:"timeoutSeconds,omitempty"` -} - -type ValuesPrimaryUpdateStrategy struct { - // PostgreSQL Primary statefulset rolling update configuration parameters - RollingUpdate ValuesPrimaryUpdateStrategyRollingUpdate `json:"rollingUpdate,omitempty" yaml:"rollingUpdate,omitempty" mapstructure:"rollingUpdate,omitempty"` - - // PostgreSQL Primary statefulset strategy type - Type string `json:"type,omitempty" yaml:"type,omitempty" mapstructure:"type,omitempty"` -} - -// PostgreSQL Primary statefulset rolling update configuration parameters -type ValuesPrimaryUpdateStrategyRollingUpdate map[string]interface{} - -type ValuesPsp struct { - // Whether to create a PodSecurityPolicy. WARNING: PodSecurityPolicy is deprecated - // in Kubernetes v1.21 or later, unavailable in v1.25 or later - Create bool `json:"create,omitempty" yaml:"create,omitempty" mapstructure:"create,omitempty"` -} - -type ValuesRbac struct { - // Create Role and RoleBinding (required for PSP to work) - Create bool `json:"create,omitempty" yaml:"create,omitempty" mapstructure:"create,omitempty"` - - // Custom RBAC rules to set - Rules []interface{} `json:"rules,omitempty" yaml:"rules,omitempty" mapstructure:"rules,omitempty"` -} - -type ValuesReadReplicas struct { - // Affinity for PostgreSQL read only pods assignment - Affinity ValuesReadReplicasAffinity `json:"affinity,omitempty" yaml:"affinity,omitempty" mapstructure:"affinity,omitempty"` - - // Annotations for PostgreSQL read only pods - Annotations ValuesReadReplicasAnnotations `json:"annotations,omitempty" yaml:"annotations,omitempty" mapstructure:"annotations,omitempty"` - - // Override default container args (useful when using custom images) - Args []interface{} `json:"args,omitempty" yaml:"args,omitempty" mapstructure:"args,omitempty"` - - // Mount Service Account token in pod - AutomountServiceAccountToken bool `json:"automountServiceAccountToken,omitempty" yaml:"automountServiceAccountToken,omitempty" mapstructure:"automountServiceAccountToken,omitempty"` - - // Override default container command (useful when using custom images) - Command []interface{} `json:"command,omitempty" yaml:"command,omitempty" mapstructure:"command,omitempty"` - - // ContainerSecurityContext corresponds to the JSON schema field - // "containerSecurityContext". - ContainerSecurityContext *ValuesReadReplicasContainerSecurityContext `json:"containerSecurityContext,omitempty" yaml:"containerSecurityContext,omitempty" mapstructure:"containerSecurityContext,omitempty"` - - // Custom livenessProbe that overrides the default one - CustomLivenessProbe ValuesReadReplicasCustomLivenessProbe `json:"customLivenessProbe,omitempty" yaml:"customLivenessProbe,omitempty" mapstructure:"customLivenessProbe,omitempty"` - - // Custom readinessProbe that overrides the default one - CustomReadinessProbe ValuesReadReplicasCustomReadinessProbe `json:"customReadinessProbe,omitempty" yaml:"customReadinessProbe,omitempty" mapstructure:"customReadinessProbe,omitempty"` - - // Custom startupProbe that overrides the default one - CustomStartupProbe ValuesReadReplicasCustomStartupProbe `json:"customStartupProbe,omitempty" yaml:"customStartupProbe,omitempty" mapstructure:"customStartupProbe,omitempty"` - - // Extended PostgreSQL read only replicas configuration (appended to main or - // default configuration) - ExtendedConfiguration string `json:"extendedConfiguration,omitempty" yaml:"extendedConfiguration,omitempty" mapstructure:"extendedConfiguration,omitempty"` - - // Array with extra environment variables to add to PostgreSQL read only nodes - ExtraEnvVars []interface{} `json:"extraEnvVars,omitempty" yaml:"extraEnvVars,omitempty" mapstructure:"extraEnvVars,omitempty"` - - // Name of existing ConfigMap containing extra env vars for PostgreSQL read only - // nodes - ExtraEnvVarsCM string `json:"extraEnvVarsCM,omitempty" yaml:"extraEnvVarsCM,omitempty" mapstructure:"extraEnvVarsCM,omitempty"` - - // Name of existing Secret containing extra env vars for PostgreSQL read only - // nodes - ExtraEnvVarsSecret string `json:"extraEnvVarsSecret,omitempty" yaml:"extraEnvVarsSecret,omitempty" mapstructure:"extraEnvVarsSecret,omitempty"` - - // Optionally specify extra PodSpec for the PostgreSQL read only pod(s) - ExtraPodSpec ValuesReadReplicasExtraPodSpec `json:"extraPodSpec,omitempty" yaml:"extraPodSpec,omitempty" mapstructure:"extraPodSpec,omitempty"` - - // Optionally specify extra list of additional volumeMounts for the PostgreSQL - // read only container(s) - ExtraVolumeMounts []interface{} `json:"extraVolumeMounts,omitempty" yaml:"extraVolumeMounts,omitempty" mapstructure:"extraVolumeMounts,omitempty"` - - // Optionally specify extra list of additional volumes for the PostgreSQL read - // only pod(s) - ExtraVolumes []interface{} `json:"extraVolumes,omitempty" yaml:"extraVolumes,omitempty" mapstructure:"extraVolumes,omitempty"` - - // PostgreSQL read only pods host aliases - HostAliases []interface{} `json:"hostAliases,omitempty" yaml:"hostAliases,omitempty" mapstructure:"hostAliases,omitempty"` - - // Specify if host IPC should be enabled for PostgreSQL pod (postgresql primary) - HostIPC bool `json:"hostIPC,omitempty" yaml:"hostIPC,omitempty" mapstructure:"hostIPC,omitempty"` - - // Specify if host network should be enabled for PostgreSQL pod (PostgreSQL read - // only) - HostNetwork bool `json:"hostNetwork,omitempty" yaml:"hostNetwork,omitempty" mapstructure:"hostNetwork,omitempty"` - - // Add additional init containers to the PostgreSQL read only pod(s) - InitContainers []interface{} `json:"initContainers,omitempty" yaml:"initContainers,omitempty" mapstructure:"initContainers,omitempty"` - - // Map of labels to add to the statefulset (PostgreSQL read only) - Labels ValuesReadReplicasLabels `json:"labels,omitempty" yaml:"labels,omitempty" mapstructure:"labels,omitempty"` - - // for the PostgreSQL read only container to automate configuration before or - // after startup - LifecycleHooks ValuesReadReplicasLifecycleHooks `json:"lifecycleHooks,omitempty" yaml:"lifecycleHooks,omitempty" mapstructure:"lifecycleHooks,omitempty"` - - // LivenessProbe corresponds to the JSON schema field "livenessProbe". - LivenessProbe *ValuesReadReplicasLivenessProbe `json:"livenessProbe,omitempty" yaml:"livenessProbe,omitempty" mapstructure:"livenessProbe,omitempty"` - - // Name of the read replicas database (eg secondary, slave, ...) - Name string `json:"name,omitempty" yaml:"name,omitempty" mapstructure:"name,omitempty"` - - // NetworkPolicy corresponds to the JSON schema field "networkPolicy". - NetworkPolicy *ValuesReadReplicasNetworkPolicy `json:"networkPolicy,omitempty" yaml:"networkPolicy,omitempty" mapstructure:"networkPolicy,omitempty"` - - // NodeAffinityPreset corresponds to the JSON schema field "nodeAffinityPreset". - NodeAffinityPreset *ValuesReadReplicasNodeAffinityPreset `json:"nodeAffinityPreset,omitempty" yaml:"nodeAffinityPreset,omitempty" mapstructure:"nodeAffinityPreset,omitempty"` - - // Node labels for PostgreSQL read only pods assignment - NodeSelector ValuesReadReplicasNodeSelector `json:"nodeSelector,omitempty" yaml:"nodeSelector,omitempty" mapstructure:"nodeSelector,omitempty"` - - // Persistence corresponds to the JSON schema field "persistence". - Persistence *ValuesReadReplicasPersistence `json:"persistence,omitempty" yaml:"persistence,omitempty" mapstructure:"persistence,omitempty"` - - // PersistentVolumeClaimRetentionPolicy corresponds to the JSON schema field - // "persistentVolumeClaimRetentionPolicy". - PersistentVolumeClaimRetentionPolicy *ValuesReadReplicasPersistentVolumeClaimRetentionPolicy `json:"persistentVolumeClaimRetentionPolicy,omitempty" yaml:"persistentVolumeClaimRetentionPolicy,omitempty" mapstructure:"persistentVolumeClaimRetentionPolicy,omitempty"` - - // PostgreSQL read only pod affinity preset. Ignored if `primary.affinity` is set. - // Allowed values: `soft` or `hard` - PodAffinityPreset string `json:"podAffinityPreset,omitempty" yaml:"podAffinityPreset,omitempty" mapstructure:"podAffinityPreset,omitempty"` - - // Map of annotations to add to the pods (PostgreSQL read only) - PodAnnotations ValuesReadReplicasPodAnnotations `json:"podAnnotations,omitempty" yaml:"podAnnotations,omitempty" mapstructure:"podAnnotations,omitempty"` - - // PostgreSQL read only pod anti-affinity preset. Ignored if `primary.affinity` is - // set. Allowed values: `soft` or `hard` - PodAntiAffinityPreset string `json:"podAntiAffinityPreset,omitempty" yaml:"podAntiAffinityPreset,omitempty" mapstructure:"podAntiAffinityPreset,omitempty"` - - // Map of labels to add to the pods (PostgreSQL read only) - PodLabels ValuesReadReplicasPodLabels `json:"podLabels,omitempty" yaml:"podLabels,omitempty" mapstructure:"podLabels,omitempty"` - - // PodSecurityContext corresponds to the JSON schema field "podSecurityContext". - PodSecurityContext *ValuesReadReplicasPodSecurityContext `json:"podSecurityContext,omitempty" yaml:"podSecurityContext,omitempty" mapstructure:"podSecurityContext,omitempty"` - - // Priority Class to use for each pod (PostgreSQL read only) - PriorityClassName string `json:"priorityClassName,omitempty" yaml:"priorityClassName,omitempty" mapstructure:"priorityClassName,omitempty"` - - // ReadinessProbe corresponds to the JSON schema field "readinessProbe". - ReadinessProbe *ValuesReadReplicasReadinessProbe `json:"readinessProbe,omitempty" yaml:"readinessProbe,omitempty" mapstructure:"readinessProbe,omitempty"` - - // Number of PostgreSQL read only replicas - ReplicaCount float64 `json:"replicaCount,omitempty" yaml:"replicaCount,omitempty" mapstructure:"replicaCount,omitempty"` - - // Set container requests and limits for different resources like CPU or memory - // (essential for production workloads) - Resources ValuesReadReplicasResources `json:"resources,omitempty" yaml:"resources,omitempty" mapstructure:"resources,omitempty"` - - // Set container resources according to one common preset (allowed values: none, - // nano, small, medium, large, xlarge, 2xlarge). This is ignored if - // readReplicas.resources is set (readReplicas.resources is recommended for - // production). - ResourcesPreset string `json:"resourcesPreset,omitempty" yaml:"resourcesPreset,omitempty" mapstructure:"resourcesPreset,omitempty"` - - // Use an alternate scheduler, e.g. "stork". - SchedulerName string `json:"schedulerName,omitempty" yaml:"schedulerName,omitempty" mapstructure:"schedulerName,omitempty"` - - // Service corresponds to the JSON schema field "service". - Service *ValuesReadReplicasService `json:"service,omitempty" yaml:"service,omitempty" mapstructure:"service,omitempty"` - - // Add additional sidecar containers to the PostgreSQL read only pod(s) - Sidecars []interface{} `json:"sidecars,omitempty" yaml:"sidecars,omitempty" mapstructure:"sidecars,omitempty"` - - // StartupProbe corresponds to the JSON schema field "startupProbe". - StartupProbe *ValuesReadReplicasStartupProbe `json:"startupProbe,omitempty" yaml:"startupProbe,omitempty" mapstructure:"startupProbe,omitempty"` - - // Seconds PostgreSQL read only pod needs to terminate gracefully - TerminationGracePeriodSeconds string `json:"terminationGracePeriodSeconds,omitempty" yaml:"terminationGracePeriodSeconds,omitempty" mapstructure:"terminationGracePeriodSeconds,omitempty"` - - // Tolerations for PostgreSQL read only pods assignment - Tolerations []interface{} `json:"tolerations,omitempty" yaml:"tolerations,omitempty" mapstructure:"tolerations,omitempty"` - - // Topology Spread Constraints for pod assignment spread across your cluster among - // failure-domains. Evaluated as a template - TopologySpreadConstraints []interface{} `json:"topologySpreadConstraints,omitempty" yaml:"topologySpreadConstraints,omitempty" mapstructure:"topologySpreadConstraints,omitempty"` - - // UpdateStrategy corresponds to the JSON schema field "updateStrategy". - UpdateStrategy *ValuesReadReplicasUpdateStrategy `json:"updateStrategy,omitempty" yaml:"updateStrategy,omitempty" mapstructure:"updateStrategy,omitempty"` -} - -// Affinity for PostgreSQL read only pods assignment -type ValuesReadReplicasAffinity map[string]interface{} - -// Annotations for PostgreSQL read only pods -type ValuesReadReplicasAnnotations map[string]interface{} - -type ValuesReadReplicasContainerSecurityContext struct { - // Set container's Security Context allowPrivilegeEscalation - AllowPrivilegeEscalation bool `json:"allowPrivilegeEscalation,omitempty" yaml:"allowPrivilegeEscalation,omitempty" mapstructure:"allowPrivilegeEscalation,omitempty"` - - // Capabilities corresponds to the JSON schema field "capabilities". - Capabilities *ValuesReadReplicasContainerSecurityContextCapabilities `json:"capabilities,omitempty" yaml:"capabilities,omitempty" mapstructure:"capabilities,omitempty"` - - // Enabled containers' Security Context - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // Set container's Security Context privileged - Privileged bool `json:"privileged,omitempty" yaml:"privileged,omitempty" mapstructure:"privileged,omitempty"` - - // Set container's Security Context readOnlyRootFilesystem - ReadOnlyRootFilesystem bool `json:"readOnlyRootFilesystem,omitempty" yaml:"readOnlyRootFilesystem,omitempty" mapstructure:"readOnlyRootFilesystem,omitempty"` - - // Set containers' Security Context runAsGroup - RunAsGroup float64 `json:"runAsGroup,omitempty" yaml:"runAsGroup,omitempty" mapstructure:"runAsGroup,omitempty"` - - // Set container's Security Context runAsNonRoot - RunAsNonRoot bool `json:"runAsNonRoot,omitempty" yaml:"runAsNonRoot,omitempty" mapstructure:"runAsNonRoot,omitempty"` - - // Set containers' Security Context runAsUser - RunAsUser float64 `json:"runAsUser,omitempty" yaml:"runAsUser,omitempty" mapstructure:"runAsUser,omitempty"` - - // SeccompProfile corresponds to the JSON schema field "seccompProfile". - SeccompProfile *ValuesReadReplicasContainerSecurityContextSeccompProfile `json:"seccompProfile,omitempty" yaml:"seccompProfile,omitempty" mapstructure:"seccompProfile,omitempty"` -} - -type ValuesReadReplicasContainerSecurityContextCapabilities struct { - // List of capabilities to be dropped - Drop []string `json:"drop,omitempty" yaml:"drop,omitempty" mapstructure:"drop,omitempty"` -} - -type ValuesReadReplicasContainerSecurityContextSeccompProfile struct { - // Set container's Security Context seccomp profile - Type string `json:"type,omitempty" yaml:"type,omitempty" mapstructure:"type,omitempty"` -} - -// Custom livenessProbe that overrides the default one -type ValuesReadReplicasCustomLivenessProbe map[string]interface{} - -// Custom readinessProbe that overrides the default one -type ValuesReadReplicasCustomReadinessProbe map[string]interface{} - -// Custom startupProbe that overrides the default one -type ValuesReadReplicasCustomStartupProbe map[string]interface{} - -// Optionally specify extra PodSpec for the PostgreSQL read only pod(s) -type ValuesReadReplicasExtraPodSpec map[string]interface{} - -// Map of labels to add to the statefulset (PostgreSQL read only) -type ValuesReadReplicasLabels map[string]interface{} - -// for the PostgreSQL read only container to automate configuration before or after -// startup -type ValuesReadReplicasLifecycleHooks map[string]interface{} - -type ValuesReadReplicasLivenessProbe struct { - // Enable livenessProbe on PostgreSQL read only containers - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // Failure threshold for livenessProbe - FailureThreshold float64 `json:"failureThreshold,omitempty" yaml:"failureThreshold,omitempty" mapstructure:"failureThreshold,omitempty"` - - // Initial delay seconds for livenessProbe - InitialDelaySeconds float64 `json:"initialDelaySeconds,omitempty" yaml:"initialDelaySeconds,omitempty" mapstructure:"initialDelaySeconds,omitempty"` - - // Period seconds for livenessProbe - PeriodSeconds float64 `json:"periodSeconds,omitempty" yaml:"periodSeconds,omitempty" mapstructure:"periodSeconds,omitempty"` - - // Success threshold for livenessProbe - SuccessThreshold float64 `json:"successThreshold,omitempty" yaml:"successThreshold,omitempty" mapstructure:"successThreshold,omitempty"` - - // Timeout seconds for livenessProbe - TimeoutSeconds float64 `json:"timeoutSeconds,omitempty" yaml:"timeoutSeconds,omitempty" mapstructure:"timeoutSeconds,omitempty"` -} - -type ValuesReadReplicasNetworkPolicy struct { - // Don't require server label for connections - AllowExternal bool `json:"allowExternal,omitempty" yaml:"allowExternal,omitempty" mapstructure:"allowExternal,omitempty"` - - // Allow the pod to access any range of port and all destinations. - AllowExternalEgress bool `json:"allowExternalEgress,omitempty" yaml:"allowExternalEgress,omitempty" mapstructure:"allowExternalEgress,omitempty"` - - // Specifies whether a NetworkPolicy should be created - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // Add extra ingress rules to the NetworkPolicy - ExtraEgress []string `json:"extraEgress,omitempty" yaml:"extraEgress,omitempty" mapstructure:"extraEgress,omitempty"` - - // Add extra ingress rules to the NetworkPolice - ExtraIngress []string `json:"extraIngress,omitempty" yaml:"extraIngress,omitempty" mapstructure:"extraIngress,omitempty"` -} - -type ValuesReadReplicasNodeAffinityPreset struct { - // PostgreSQL read only node label key to match Ignored if `primary.affinity` is - // set. - Key string `json:"key,omitempty" yaml:"key,omitempty" mapstructure:"key,omitempty"` - - // PostgreSQL read only node affinity preset type. Ignored if `primary.affinity` - // is set. Allowed values: `soft` or `hard` - Type string `json:"type,omitempty" yaml:"type,omitempty" mapstructure:"type,omitempty"` - - // PostgreSQL read only node label values to match. Ignored if `primary.affinity` - // is set. - Values []interface{} `json:"values,omitempty" yaml:"values,omitempty" mapstructure:"values,omitempty"` -} - -// Node labels for PostgreSQL read only pods assignment -type ValuesReadReplicasNodeSelector map[string]interface{} - -type ValuesReadReplicasPersistence struct { - // PVC Access Mode for PostgreSQL volume - AccessModes []string `json:"accessModes,omitempty" yaml:"accessModes,omitempty" mapstructure:"accessModes,omitempty"` - - // Annotations for the PVC - Annotations ValuesReadReplicasPersistenceAnnotations `json:"annotations,omitempty" yaml:"annotations,omitempty" mapstructure:"annotations,omitempty"` - - // Custom PVC data source - DataSource ValuesReadReplicasPersistenceDataSource `json:"dataSource,omitempty" yaml:"dataSource,omitempty" mapstructure:"dataSource,omitempty"` - - // Enable PostgreSQL read only data persistence using PVC - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // Name of an existing PVC to use - ExistingClaim string `json:"existingClaim,omitempty" yaml:"existingClaim,omitempty" mapstructure:"existingClaim,omitempty"` - - // Labels for the PVC - Labels ValuesReadReplicasPersistenceLabels `json:"labels,omitempty" yaml:"labels,omitempty" mapstructure:"labels,omitempty"` - - // The path the volume will be mounted at - MountPath string `json:"mountPath,omitempty" yaml:"mountPath,omitempty" mapstructure:"mountPath,omitempty"` - - // Selector to match an existing Persistent Volume (this value is evaluated as a - // template) - Selector ValuesReadReplicasPersistenceSelector `json:"selector,omitempty" yaml:"selector,omitempty" mapstructure:"selector,omitempty"` - - // PVC Storage Request for PostgreSQL volume - Size string `json:"size,omitempty" yaml:"size,omitempty" mapstructure:"size,omitempty"` - - // PVC Storage Class for PostgreSQL read only data volume - StorageClass string `json:"storageClass,omitempty" yaml:"storageClass,omitempty" mapstructure:"storageClass,omitempty"` - - // The subdirectory of the volume to mount to - SubPath string `json:"subPath,omitempty" yaml:"subPath,omitempty" mapstructure:"subPath,omitempty"` -} - -// Annotations for the PVC -type ValuesReadReplicasPersistenceAnnotations map[string]interface{} - -// Custom PVC data source -type ValuesReadReplicasPersistenceDataSource map[string]interface{} - -// Labels for the PVC -type ValuesReadReplicasPersistenceLabels map[string]interface{} - -// Selector to match an existing Persistent Volume (this value is evaluated as a -// template) -type ValuesReadReplicasPersistenceSelector map[string]interface{} - -type ValuesReadReplicasPersistentVolumeClaimRetentionPolicy struct { - // Enable Persistent volume retention policy for read only Statefulset - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // Volume retention behavior that applies when the StatefulSet is deleted - WhenDeleted string `json:"whenDeleted,omitempty" yaml:"whenDeleted,omitempty" mapstructure:"whenDeleted,omitempty"` - - // Volume retention behavior when the replica count of the StatefulSet is reduced - WhenScaled string `json:"whenScaled,omitempty" yaml:"whenScaled,omitempty" mapstructure:"whenScaled,omitempty"` -} - -// Map of annotations to add to the pods (PostgreSQL read only) -type ValuesReadReplicasPodAnnotations map[string]interface{} - -// Map of labels to add to the pods (PostgreSQL read only) -type ValuesReadReplicasPodLabels map[string]interface{} - -type ValuesReadReplicasPodSecurityContext struct { - // Enable security context - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // Group ID for the pod - FsGroup float64 `json:"fsGroup,omitempty" yaml:"fsGroup,omitempty" mapstructure:"fsGroup,omitempty"` - - // Set filesystem group change policy - FsGroupChangePolicy string `json:"fsGroupChangePolicy,omitempty" yaml:"fsGroupChangePolicy,omitempty" mapstructure:"fsGroupChangePolicy,omitempty"` - - // Set filesystem extra groups - SupplementalGroups []interface{} `json:"supplementalGroups,omitempty" yaml:"supplementalGroups,omitempty" mapstructure:"supplementalGroups,omitempty"` - - // Set kernel settings using the sysctl interface - Sysctls []interface{} `json:"sysctls,omitempty" yaml:"sysctls,omitempty" mapstructure:"sysctls,omitempty"` -} - -type ValuesReadReplicasReadinessProbe struct { - // Enable readinessProbe on PostgreSQL read only containers - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // Failure threshold for readinessProbe - FailureThreshold float64 `json:"failureThreshold,omitempty" yaml:"failureThreshold,omitempty" mapstructure:"failureThreshold,omitempty"` - - // Initial delay seconds for readinessProbe - InitialDelaySeconds float64 `json:"initialDelaySeconds,omitempty" yaml:"initialDelaySeconds,omitempty" mapstructure:"initialDelaySeconds,omitempty"` - - // Period seconds for readinessProbe - PeriodSeconds float64 `json:"periodSeconds,omitempty" yaml:"periodSeconds,omitempty" mapstructure:"periodSeconds,omitempty"` - - // Success threshold for readinessProbe - SuccessThreshold float64 `json:"successThreshold,omitempty" yaml:"successThreshold,omitempty" mapstructure:"successThreshold,omitempty"` - - // Timeout seconds for readinessProbe - TimeoutSeconds float64 `json:"timeoutSeconds,omitempty" yaml:"timeoutSeconds,omitempty" mapstructure:"timeoutSeconds,omitempty"` -} - -// Set container requests and limits for different resources like CPU or memory -// (essential for production workloads) -type ValuesReadReplicasResources map[string]interface{} - -type ValuesReadReplicasService struct { - // Annotations for PostgreSQL read only service - Annotations ValuesReadReplicasServiceAnnotations `json:"annotations,omitempty" yaml:"annotations,omitempty" mapstructure:"annotations,omitempty"` - - // Static clusterIP or None for headless services - ClusterIP string `json:"clusterIP,omitempty" yaml:"clusterIP,omitempty" mapstructure:"clusterIP,omitempty"` - - // Enable client source IP preservation - ExternalTrafficPolicy string `json:"externalTrafficPolicy,omitempty" yaml:"externalTrafficPolicy,omitempty" mapstructure:"externalTrafficPolicy,omitempty"` - - // Extra ports to expose in the PostgreSQL read only service - ExtraPorts []interface{} `json:"extraPorts,omitempty" yaml:"extraPorts,omitempty" mapstructure:"extraPorts,omitempty"` - - // Headless corresponds to the JSON schema field "headless". - Headless *ValuesReadReplicasServiceHeadless `json:"headless,omitempty" yaml:"headless,omitempty" mapstructure:"headless,omitempty"` - - // Load balancer IP if service type is `LoadBalancer` - LoadBalancerIP string `json:"loadBalancerIP,omitempty" yaml:"loadBalancerIP,omitempty" mapstructure:"loadBalancerIP,omitempty"` - - // Addresses that are allowed when service is LoadBalancer - LoadBalancerSourceRanges []interface{} `json:"loadBalancerSourceRanges,omitempty" yaml:"loadBalancerSourceRanges,omitempty" mapstructure:"loadBalancerSourceRanges,omitempty"` - - // NodePorts corresponds to the JSON schema field "nodePorts". - NodePorts *ValuesReadReplicasServiceNodePorts `json:"nodePorts,omitempty" yaml:"nodePorts,omitempty" mapstructure:"nodePorts,omitempty"` - - // Ports corresponds to the JSON schema field "ports". - Ports *ValuesReadReplicasServicePorts `json:"ports,omitempty" yaml:"ports,omitempty" mapstructure:"ports,omitempty"` - - // Session Affinity for Kubernetes service, can be "None" or "ClientIP" - SessionAffinity string `json:"sessionAffinity,omitempty" yaml:"sessionAffinity,omitempty" mapstructure:"sessionAffinity,omitempty"` - - // Additional settings for the sessionAffinity - SessionAffinityConfig ValuesReadReplicasServiceSessionAffinityConfig `json:"sessionAffinityConfig,omitempty" yaml:"sessionAffinityConfig,omitempty" mapstructure:"sessionAffinityConfig,omitempty"` - - // Kubernetes Service type - Type string `json:"type,omitempty" yaml:"type,omitempty" mapstructure:"type,omitempty"` -} - -// Annotations for PostgreSQL read only service -type ValuesReadReplicasServiceAnnotations map[string]interface{} - -type ValuesReadReplicasServiceHeadless struct { - // Additional custom annotations for headless PostgreSQL read only service - Annotations ValuesReadReplicasServiceHeadlessAnnotations `json:"annotations,omitempty" yaml:"annotations,omitempty" mapstructure:"annotations,omitempty"` -} - -// Additional custom annotations for headless PostgreSQL read only service -type ValuesReadReplicasServiceHeadlessAnnotations map[string]interface{} - -type ValuesReadReplicasServiceNodePorts struct { - // Node port for PostgreSQL - Postgresql string `json:"postgresql,omitempty" yaml:"postgresql,omitempty" mapstructure:"postgresql,omitempty"` -} - -type ValuesReadReplicasServicePorts struct { - // PostgreSQL service port - Postgresql float64 `json:"postgresql,omitempty" yaml:"postgresql,omitempty" mapstructure:"postgresql,omitempty"` -} - -// Additional settings for the sessionAffinity -type ValuesReadReplicasServiceSessionAffinityConfig map[string]interface{} - -type ValuesReadReplicasStartupProbe struct { - // Enable startupProbe on PostgreSQL read only containers - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // Failure threshold for startupProbe - FailureThreshold float64 `json:"failureThreshold,omitempty" yaml:"failureThreshold,omitempty" mapstructure:"failureThreshold,omitempty"` - - // Initial delay seconds for startupProbe - InitialDelaySeconds float64 `json:"initialDelaySeconds,omitempty" yaml:"initialDelaySeconds,omitempty" mapstructure:"initialDelaySeconds,omitempty"` - - // Period seconds for startupProbe - PeriodSeconds float64 `json:"periodSeconds,omitempty" yaml:"periodSeconds,omitempty" mapstructure:"periodSeconds,omitempty"` - - // Success threshold for startupProbe - SuccessThreshold float64 `json:"successThreshold,omitempty" yaml:"successThreshold,omitempty" mapstructure:"successThreshold,omitempty"` - - // Timeout seconds for startupProbe - TimeoutSeconds float64 `json:"timeoutSeconds,omitempty" yaml:"timeoutSeconds,omitempty" mapstructure:"timeoutSeconds,omitempty"` -} - -type ValuesReadReplicasUpdateStrategy struct { - // PostgreSQL read only statefulset rolling update configuration parameters - RollingUpdate ValuesReadReplicasUpdateStrategyRollingUpdate `json:"rollingUpdate,omitempty" yaml:"rollingUpdate,omitempty" mapstructure:"rollingUpdate,omitempty"` - - // PostgreSQL read only statefulset strategy type - Type string `json:"type,omitempty" yaml:"type,omitempty" mapstructure:"type,omitempty"` -} - -// PostgreSQL read only statefulset rolling update configuration parameters -type ValuesReadReplicasUpdateStrategyRollingUpdate map[string]interface{} - -type ValuesReplication struct { - // Cluster application name. Useful for advanced replication settings - ApplicationName string `json:"applicationName,omitempty" yaml:"applicationName,omitempty" mapstructure:"applicationName,omitempty"` - - // Number of replicas that will have synchronous replication. Note: Cannot be - // greater than `readReplicas.replicaCount`. - NumSynchronousReplicas float64 `json:"numSynchronousReplicas,omitempty" yaml:"numSynchronousReplicas,omitempty" mapstructure:"numSynchronousReplicas,omitempty"` - - // Set synchronous commit mode. Allowed values: `on`, `remote_apply`, - // `remote_write`, `local` and `off` - SynchronousCommit string `json:"synchronousCommit,omitempty" yaml:"synchronousCommit,omitempty" mapstructure:"synchronousCommit,omitempty"` -} - -type ValuesServiceAccount struct { - // Additional custom annotations for the ServiceAccount - Annotations ValuesServiceAccountAnnotations `json:"annotations,omitempty" yaml:"annotations,omitempty" mapstructure:"annotations,omitempty"` - - // Allows auto mount of ServiceAccountToken on the serviceAccount created - AutomountServiceAccountToken bool `json:"automountServiceAccountToken,omitempty" yaml:"automountServiceAccountToken,omitempty" mapstructure:"automountServiceAccountToken,omitempty"` - - // Enable creation of ServiceAccount for PostgreSQL pod - Create bool `json:"create,omitempty" yaml:"create,omitempty" mapstructure:"create,omitempty"` - - // The name of the ServiceAccount to use. - Name string `json:"name,omitempty" yaml:"name,omitempty" mapstructure:"name,omitempty"` -} - -// Additional custom annotations for the ServiceAccount -type ValuesServiceAccountAnnotations map[string]interface{} - -type ValuesServiceBindings struct { - // Create secret for service binding (Experimental) - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` -} - -type ValuesShmVolume struct { - // Enable emptyDir volume for /dev/shm for PostgreSQL pod(s) - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // Set this to enable a size limit on the shm tmpfs - SizeLimit string `json:"sizeLimit,omitempty" yaml:"sizeLimit,omitempty" mapstructure:"sizeLimit,omitempty"` -} - -type ValuesTls struct { - // Generate automatically self-signed TLS certificates - AutoGenerated bool `json:"autoGenerated,omitempty" yaml:"autoGenerated,omitempty" mapstructure:"autoGenerated,omitempty"` - - // CA Certificate filename - CertCAFilename string `json:"certCAFilename,omitempty" yaml:"certCAFilename,omitempty" mapstructure:"certCAFilename,omitempty"` - - // Certificate filename - CertFilename string `json:"certFilename,omitempty" yaml:"certFilename,omitempty" mapstructure:"certFilename,omitempty"` - - // Certificate key filename - CertKeyFilename string `json:"certKeyFilename,omitempty" yaml:"certKeyFilename,omitempty" mapstructure:"certKeyFilename,omitempty"` - - // Name of an existing secret that contains the certificates - CertificatesSecret string `json:"certificatesSecret,omitempty" yaml:"certificatesSecret,omitempty" mapstructure:"certificatesSecret,omitempty"` - - // File containing a Certificate Revocation List - CrlFilename string `json:"crlFilename,omitempty" yaml:"crlFilename,omitempty" mapstructure:"crlFilename,omitempty"` - - // Enable TLS traffic support - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // Whether to use the server's TLS cipher preferences rather than the client's - PreferServerCiphers bool `json:"preferServerCiphers,omitempty" yaml:"preferServerCiphers,omitempty" mapstructure:"preferServerCiphers,omitempty"` -} - -type ValuesVolumePermissions struct { - // ContainerSecurityContext corresponds to the JSON schema field - // "containerSecurityContext". - ContainerSecurityContext *ValuesVolumePermissionsContainerSecurityContext `json:"containerSecurityContext,omitempty" yaml:"containerSecurityContext,omitempty" mapstructure:"containerSecurityContext,omitempty"` - - // Enable init container that changes the owner and group of the persistent volume - Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty" mapstructure:"enabled,omitempty"` - - // Image corresponds to the JSON schema field "image". - Image *ValuesVolumePermissionsImage `json:"image,omitempty" yaml:"image,omitempty" mapstructure:"image,omitempty"` - - // Set container requests and limits for different resources like CPU or memory - // (essential for production workloads) - Resources ValuesVolumePermissionsResources `json:"resources,omitempty" yaml:"resources,omitempty" mapstructure:"resources,omitempty"` - - // Set container resources according to one common preset (allowed values: none, - // nano, small, medium, large, xlarge, 2xlarge). This is ignored if - // volumePermissions.resources is set (volumePermissions.resources is recommended - // for production). - ResourcesPreset string `json:"resourcesPreset,omitempty" yaml:"resourcesPreset,omitempty" mapstructure:"resourcesPreset,omitempty"` -} - -type ValuesVolumePermissionsContainerSecurityContext struct { - // Group ID for the init container - RunAsGroup float64 `json:"runAsGroup,omitempty" yaml:"runAsGroup,omitempty" mapstructure:"runAsGroup,omitempty"` - - // runAsNonRoot for the init container - RunAsNonRoot bool `json:"runAsNonRoot,omitempty" yaml:"runAsNonRoot,omitempty" mapstructure:"runAsNonRoot,omitempty"` - - // User ID for the init container - RunAsUser float64 `json:"runAsUser,omitempty" yaml:"runAsUser,omitempty" mapstructure:"runAsUser,omitempty"` - - // SeccompProfile corresponds to the JSON schema field "seccompProfile". - SeccompProfile *ValuesVolumePermissionsContainerSecurityContextSeccompProfile `json:"seccompProfile,omitempty" yaml:"seccompProfile,omitempty" mapstructure:"seccompProfile,omitempty"` -} - -type ValuesVolumePermissionsContainerSecurityContextSeccompProfile struct { - // seccompProfile.type for the init container - Type string `json:"type,omitempty" yaml:"type,omitempty" mapstructure:"type,omitempty"` -} - -type ValuesVolumePermissionsImage struct { - // Init container volume-permissions image digest in the way sha256:aa.... Please - // note this parameter, if set, will override the tag - Digest string `json:"digest,omitempty" yaml:"digest,omitempty" mapstructure:"digest,omitempty"` - - // Init container volume-permissions image pull policy - PullPolicy string `json:"pullPolicy,omitempty" yaml:"pullPolicy,omitempty" mapstructure:"pullPolicy,omitempty"` - - // Init container volume-permissions image pull secrets - PullSecrets []interface{} `json:"pullSecrets,omitempty" yaml:"pullSecrets,omitempty" mapstructure:"pullSecrets,omitempty"` - - // Init container volume-permissions image registry - Registry string `json:"registry,omitempty" yaml:"registry,omitempty" mapstructure:"registry,omitempty"` - - // Init container volume-permissions image repository - Repository string `json:"repository,omitempty" yaml:"repository,omitempty" mapstructure:"repository,omitempty"` -} - -// Set container requests and limits for different resources like CPU or memory -// (essential for production workloads) -type ValuesVolumePermissionsResources map[string]interface{} diff --git a/cmd/examples/mongodb/main.go b/cmd/examples/mongodb/main.go deleted file mode 100644 index 4b1239a..0000000 --- a/cmd/examples/mongodb/main.go +++ /dev/null @@ -1,18 +0,0 @@ -package main - -import ( - "encoding/json" - "os" - - "github.com/yokecd/yoke/cmd/examples/internal/flights/mongodb" -) - -func main() { - resources, err := mongodb.RenderChart(os.Args[0], "default", &mongodb.Values{ - // ... values ... - }) - if err != nil { - panic(err) - } - json.NewEncoder(os.Stdout).Encode(resources) -} diff --git a/cmd/yoke/cmd_takeoff.go b/cmd/yoke/cmd_takeoff.go index 0b6885c..7e19132 100644 --- a/cmd/yoke/cmd_takeoff.go +++ b/cmd/yoke/cmd_takeoff.go @@ -59,6 +59,7 @@ func GetTakeoffParams(settings GlobalSettings, source io.Reader, args []string) flagset.BoolVar(¶ms.ForceConflicts, "force-conflicts", false, "force apply changes on field manager conflicts") flagset.BoolVar(¶ms.CreateNamespace, "create-namespace", false, "create namespace of target release if not present") flagset.BoolVar(¶ms.MultiNamespaces, "multi-namespaces", false, "allows releases to create resources in other namespaces than the target namespace") + flagset.BoolVar(¶ms.ClusterAccess, "cluster-access", false, "allows flight access to the cluster during takeoff. Only applies when not directing output to stdout or to a local destination.") flagset.BoolVar(¶ms.DiffOnly, "diff-only", false, "show diff between current revision and would be applied state. Does not apply anything to cluster") flagset.BoolVar(¶ms.Color, "color", term.IsTerminal(int(os.Stdout.Fd())), "use colored output in diffs") diff --git a/cmd/yoke/internal/testing/flight/main.go b/cmd/yoke/internal/testing/flight/main.go new file mode 100644 index 0000000..e124d94 --- /dev/null +++ b/cmd/yoke/internal/testing/flight/main.go @@ -0,0 +1,69 @@ +package main + +import ( + "crypto/rand" + "encoding/json" + "fmt" + "io" + "os" + + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/util/yaml" + + "github.com/yokecd/yoke/pkg/flight" + "github.com/yokecd/yoke/pkg/flight/wasi/k8s" +) + +func main() { + if err := run(); err != nil { + fmt.Fprintln(os.Stderr, err) + os.Exit(1) + } +} + +func run() error { + secretName := flight.Release() + "-example" + + identifier := k8s.ResourceIdentifier{ + Name: secretName, + Namespace: flight.Namespace(), + Kind: "Secret", + ApiVersion: "v1", + } + + if err := yaml.NewYAMLToJSONDecoder(os.Stdin).Decode(&identifier); err != nil && err != io.EOF { + return err + } + + secret, err := k8s.Lookup[corev1.Secret](identifier) + if err != nil && !k8s.IsErrNotFound(err) { + return fmt.Errorf("failed to lookup secret: %v", err) + } + + return json.NewEncoder(os.Stdout).Encode(corev1.Secret{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "v1", + Kind: "Secret", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: secretName, + }, + StringData: map[string]string{ + "password": func() string { + if secret != nil { + // if the secret already exists we want to reuse the example value instead of generating a new random string. + return string(secret.Data["password"]) + } + // Since the secret does not exist we need to generate a new password via the power of entropy! + return RandomString() + }(), + }, + }) +} + +func RandomString() string { + buf := make([]byte, 6) + rand.Read(buf) + return fmt.Sprintf("%x", buf) +} diff --git a/cmd/yoke/main_test.go b/cmd/yoke/main_test.go index 36f9e78..6f0e1b4 100644 --- a/cmd/yoke/main_test.go +++ b/cmd/yoke/main_test.go @@ -42,7 +42,7 @@ func TestMain(m *testing.M) { os.Exit(m.Run()) } -var background = context.Background() +var background = internal.WithStdout(context.Background(), io.Discard) func createBasicDeployment(t *testing.T, name, namespace string) io.Reader { labels := map[string]string{"app": name} @@ -743,3 +743,79 @@ func TestTurbulenceFix(t *testing.T) { require.NoError(t, err) require.Equal(t, "value", configmap.Data["key"]) } + +func TestLookupResource(t *testing.T) { + require.NoError(t, x.X("go build -o ./test_output/flight.wasm ./internal/testing/flight", x.Env("GOOS=wasip1", "GOARCH=wasm"))) + + client, err := k8s.NewClientFromKubeConfig(home.Kubeconfig) + require.NoError(t, err) + + require.ErrorContains( + t, + TakeOff(background, TakeoffParams{ + GlobalSettings: GlobalSettings{KubeConfigPath: home.Kubeconfig}, + TakeoffParams: yoke.TakeoffParams{ + Release: "foo", + Flight: yoke.FlightParams{ + Path: "./test_output/flight.wasm", + Namespace: "default", + }, + Wait: 10 * time.Second, + Poll: time.Second, + }, + }), + "access to the cluster has not been granted for this flight invocation", + ) + + params := TakeoffParams{ + GlobalSettings: GlobalSettings{KubeConfigPath: home.Kubeconfig}, + TakeoffParams: yoke.TakeoffParams{ + Release: "foo", + ClusterAccess: true, + Flight: yoke.FlightParams{ + Path: "./test_output/flight.wasm", + Namespace: "default", + }, + Wait: 10 * time.Second, + Poll: time.Second, + }, + } + + require.NoError(t, TakeOff(background, params)) + defer func() { + require.NoError(t, Mayday(background, MaydayParams{ + GlobalSettings: params.GlobalSettings, + Release: "foo", + })) + }() + + secret, err := client.Clientset.CoreV1().Secrets("default").Get(background, "foo-example", metav1.GetOptions{}) + require.NoError(t, err) + + require.NotEmpty(t, secret.Data["password"]) + + err = TakeOff(background, params) + require.NotNil(t, err) + require.True(t, internal.IsWarning(err), "should be warning but got: %v", err) + require.EqualError(t, err, "resources are the same as previous revision: skipping takeoff") + + require.ErrorContains( + t, + TakeOff(background, TakeoffParams{ + GlobalSettings: GlobalSettings{KubeConfigPath: home.Kubeconfig}, + TakeoffParams: yoke.TakeoffParams{ + Release: "foo", + CreateNamespace: true, + ClusterAccess: true, + Flight: yoke.FlightParams{ + Path: "./test_output/flight.wasm", + Namespace: "foo", + Input: strings.NewReader(`{"Namespace": "default"}`), + }, + Wait: 10 * time.Second, + Poll: time.Second, + }, + }), + "cannot access resource outside of target release ownership", + ) +} diff --git a/cmd/yokecd/main.go b/cmd/yokecd/main.go index 82c7ecb..ee464ea 100644 --- a/cmd/yokecd/main.go +++ b/cmd/yokecd/main.go @@ -16,10 +16,10 @@ import ( v1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/util/yaml" - "k8s.io/client-go/kubernetes" "k8s.io/client-go/rest" "github.com/yokecd/yoke/internal" + "github.com/yokecd/yoke/internal/k8s" "github.com/yokecd/yoke/pkg/yoke" ) @@ -49,14 +49,14 @@ func run(ctx context.Context, cfg Config) (err error) { return fmt.Errorf("failed to get in cluster config: %w", err) } - clientset, err := kubernetes.NewForConfig(rest) + client, err := k8s.NewClient(rest) if err != nil { return fmt.Errorf("failed to instantiate kubernetes clientset: %w", err) } secrets := make(map[string]string, len(cfg.Flight.Refs)) for name, ref := range cfg.Flight.Refs { - secret, err := clientset.CoreV1().Secrets(cmp.Or(ref.Namespace, cfg.Namespace)).Get(ctx, ref.Secret, v1.GetOptions{}) + secret, err := client.Clientset.CoreV1().Secrets(cmp.Or(ref.Namespace, cfg.Namespace)).Get(ctx, ref.Secret, v1.GetOptions{}) if err != nil { return fmt.Errorf("failed to get secret reference %q: %w", ref.Secret, err) } @@ -99,7 +99,7 @@ func run(ctx context.Context, cfg Config) (err error) { return nil, fmt.Errorf("failed to get wasm path: %w", err) } - data, _, err := yoke.EvalFlight(ctx, cfg.Application.Name, yoke.FlightParams{ + data, _, err := yoke.EvalFlight(ctx, client, cfg.Application.Name, yoke.FlightParams{ Path: wasmPath, Input: strings.NewReader(cfg.Flight.Input), Args: cfg.Flight.Args, diff --git a/cmd/examples/kube/main.go b/examples/basic/main.go similarity index 100% rename from cmd/examples/kube/main.go rename to examples/basic/main.go diff --git a/cmd/examples/pg/main.go b/examples/embeddedfs/main.go similarity index 100% rename from cmd/examples/pg/main.go rename to examples/embeddedfs/main.go diff --git a/cmd/examples/pg/postgresql/.helmignore b/examples/embeddedfs/postgresql/.helmignore similarity index 100% rename from cmd/examples/pg/postgresql/.helmignore rename to examples/embeddedfs/postgresql/.helmignore diff --git a/cmd/examples/pg/postgresql/Chart.lock b/examples/embeddedfs/postgresql/Chart.lock similarity index 100% rename from cmd/examples/pg/postgresql/Chart.lock rename to examples/embeddedfs/postgresql/Chart.lock diff --git a/cmd/examples/pg/postgresql/Chart.yaml b/examples/embeddedfs/postgresql/Chart.yaml similarity index 100% rename from cmd/examples/pg/postgresql/Chart.yaml rename to examples/embeddedfs/postgresql/Chart.yaml diff --git a/cmd/examples/pg/postgresql/README.md b/examples/embeddedfs/postgresql/README.md similarity index 100% rename from cmd/examples/pg/postgresql/README.md rename to examples/embeddedfs/postgresql/README.md diff --git a/cmd/examples/pg/postgresql/charts/common/.helmignore b/examples/embeddedfs/postgresql/charts/common/.helmignore similarity index 100% rename from cmd/examples/pg/postgresql/charts/common/.helmignore rename to examples/embeddedfs/postgresql/charts/common/.helmignore diff --git a/cmd/examples/pg/postgresql/charts/common/Chart.yaml b/examples/embeddedfs/postgresql/charts/common/Chart.yaml similarity index 100% rename from cmd/examples/pg/postgresql/charts/common/Chart.yaml rename to examples/embeddedfs/postgresql/charts/common/Chart.yaml diff --git a/cmd/examples/pg/postgresql/charts/common/README.md b/examples/embeddedfs/postgresql/charts/common/README.md similarity index 100% rename from cmd/examples/pg/postgresql/charts/common/README.md rename to examples/embeddedfs/postgresql/charts/common/README.md diff --git a/cmd/examples/pg/postgresql/charts/common/templates/_affinities.tpl b/examples/embeddedfs/postgresql/charts/common/templates/_affinities.tpl similarity index 100% rename from cmd/examples/pg/postgresql/charts/common/templates/_affinities.tpl rename to examples/embeddedfs/postgresql/charts/common/templates/_affinities.tpl diff --git a/cmd/examples/pg/postgresql/charts/common/templates/_capabilities.tpl b/examples/embeddedfs/postgresql/charts/common/templates/_capabilities.tpl similarity index 100% rename from cmd/examples/pg/postgresql/charts/common/templates/_capabilities.tpl rename to examples/embeddedfs/postgresql/charts/common/templates/_capabilities.tpl diff --git a/cmd/examples/pg/postgresql/charts/common/templates/_errors.tpl b/examples/embeddedfs/postgresql/charts/common/templates/_errors.tpl similarity index 100% rename from cmd/examples/pg/postgresql/charts/common/templates/_errors.tpl rename to examples/embeddedfs/postgresql/charts/common/templates/_errors.tpl diff --git a/cmd/examples/pg/postgresql/charts/common/templates/_images.tpl b/examples/embeddedfs/postgresql/charts/common/templates/_images.tpl similarity index 100% rename from cmd/examples/pg/postgresql/charts/common/templates/_images.tpl rename to examples/embeddedfs/postgresql/charts/common/templates/_images.tpl diff --git a/cmd/examples/pg/postgresql/charts/common/templates/_ingress.tpl b/examples/embeddedfs/postgresql/charts/common/templates/_ingress.tpl similarity index 100% rename from cmd/examples/pg/postgresql/charts/common/templates/_ingress.tpl rename to examples/embeddedfs/postgresql/charts/common/templates/_ingress.tpl diff --git a/cmd/examples/pg/postgresql/charts/common/templates/_labels.tpl b/examples/embeddedfs/postgresql/charts/common/templates/_labels.tpl similarity index 100% rename from cmd/examples/pg/postgresql/charts/common/templates/_labels.tpl rename to examples/embeddedfs/postgresql/charts/common/templates/_labels.tpl diff --git a/cmd/examples/pg/postgresql/charts/common/templates/_names.tpl b/examples/embeddedfs/postgresql/charts/common/templates/_names.tpl similarity index 100% rename from cmd/examples/pg/postgresql/charts/common/templates/_names.tpl rename to examples/embeddedfs/postgresql/charts/common/templates/_names.tpl diff --git a/cmd/examples/pg/postgresql/charts/common/templates/_resources.tpl b/examples/embeddedfs/postgresql/charts/common/templates/_resources.tpl similarity index 100% rename from cmd/examples/pg/postgresql/charts/common/templates/_resources.tpl rename to examples/embeddedfs/postgresql/charts/common/templates/_resources.tpl diff --git a/cmd/examples/pg/postgresql/charts/common/templates/_secrets.tpl b/examples/embeddedfs/postgresql/charts/common/templates/_secrets.tpl similarity index 100% rename from cmd/examples/pg/postgresql/charts/common/templates/_secrets.tpl rename to examples/embeddedfs/postgresql/charts/common/templates/_secrets.tpl diff --git a/cmd/examples/pg/postgresql/charts/common/templates/_storage.tpl b/examples/embeddedfs/postgresql/charts/common/templates/_storage.tpl similarity index 100% rename from cmd/examples/pg/postgresql/charts/common/templates/_storage.tpl rename to examples/embeddedfs/postgresql/charts/common/templates/_storage.tpl diff --git a/cmd/examples/pg/postgresql/charts/common/templates/_tplvalues.tpl b/examples/embeddedfs/postgresql/charts/common/templates/_tplvalues.tpl similarity index 100% rename from cmd/examples/pg/postgresql/charts/common/templates/_tplvalues.tpl rename to examples/embeddedfs/postgresql/charts/common/templates/_tplvalues.tpl diff --git a/cmd/examples/pg/postgresql/charts/common/templates/_utils.tpl b/examples/embeddedfs/postgresql/charts/common/templates/_utils.tpl similarity index 100% rename from cmd/examples/pg/postgresql/charts/common/templates/_utils.tpl rename to examples/embeddedfs/postgresql/charts/common/templates/_utils.tpl diff --git a/cmd/examples/pg/postgresql/charts/common/templates/_warnings.tpl b/examples/embeddedfs/postgresql/charts/common/templates/_warnings.tpl similarity index 100% rename from cmd/examples/pg/postgresql/charts/common/templates/_warnings.tpl rename to examples/embeddedfs/postgresql/charts/common/templates/_warnings.tpl diff --git a/cmd/examples/pg/postgresql/charts/common/templates/validations/_cassandra.tpl b/examples/embeddedfs/postgresql/charts/common/templates/validations/_cassandra.tpl similarity index 100% rename from cmd/examples/pg/postgresql/charts/common/templates/validations/_cassandra.tpl rename to examples/embeddedfs/postgresql/charts/common/templates/validations/_cassandra.tpl diff --git a/cmd/examples/pg/postgresql/charts/common/templates/validations/_mariadb.tpl b/examples/embeddedfs/postgresql/charts/common/templates/validations/_mariadb.tpl similarity index 100% rename from cmd/examples/pg/postgresql/charts/common/templates/validations/_mariadb.tpl rename to examples/embeddedfs/postgresql/charts/common/templates/validations/_mariadb.tpl diff --git a/cmd/examples/pg/postgresql/charts/common/templates/validations/_mongodb.tpl b/examples/embeddedfs/postgresql/charts/common/templates/validations/_mongodb.tpl similarity index 100% rename from cmd/examples/pg/postgresql/charts/common/templates/validations/_mongodb.tpl rename to examples/embeddedfs/postgresql/charts/common/templates/validations/_mongodb.tpl diff --git a/cmd/examples/pg/postgresql/charts/common/templates/validations/_mysql.tpl b/examples/embeddedfs/postgresql/charts/common/templates/validations/_mysql.tpl similarity index 100% rename from cmd/examples/pg/postgresql/charts/common/templates/validations/_mysql.tpl rename to examples/embeddedfs/postgresql/charts/common/templates/validations/_mysql.tpl diff --git a/cmd/examples/pg/postgresql/charts/common/templates/validations/_postgresql.tpl b/examples/embeddedfs/postgresql/charts/common/templates/validations/_postgresql.tpl similarity index 100% rename from cmd/examples/pg/postgresql/charts/common/templates/validations/_postgresql.tpl rename to examples/embeddedfs/postgresql/charts/common/templates/validations/_postgresql.tpl diff --git a/cmd/examples/pg/postgresql/charts/common/templates/validations/_redis.tpl b/examples/embeddedfs/postgresql/charts/common/templates/validations/_redis.tpl similarity index 100% rename from cmd/examples/pg/postgresql/charts/common/templates/validations/_redis.tpl rename to examples/embeddedfs/postgresql/charts/common/templates/validations/_redis.tpl diff --git a/cmd/examples/pg/postgresql/charts/common/templates/validations/_validations.tpl b/examples/embeddedfs/postgresql/charts/common/templates/validations/_validations.tpl similarity index 100% rename from cmd/examples/pg/postgresql/charts/common/templates/validations/_validations.tpl rename to examples/embeddedfs/postgresql/charts/common/templates/validations/_validations.tpl diff --git a/cmd/examples/pg/postgresql/charts/common/values.yaml b/examples/embeddedfs/postgresql/charts/common/values.yaml similarity index 100% rename from cmd/examples/pg/postgresql/charts/common/values.yaml rename to examples/embeddedfs/postgresql/charts/common/values.yaml diff --git a/cmd/examples/pg/postgresql/templates/NOTES.txt b/examples/embeddedfs/postgresql/templates/NOTES.txt similarity index 100% rename from cmd/examples/pg/postgresql/templates/NOTES.txt rename to examples/embeddedfs/postgresql/templates/NOTES.txt diff --git a/cmd/examples/pg/postgresql/templates/_helpers.tpl b/examples/embeddedfs/postgresql/templates/_helpers.tpl similarity index 100% rename from cmd/examples/pg/postgresql/templates/_helpers.tpl rename to examples/embeddedfs/postgresql/templates/_helpers.tpl diff --git a/cmd/examples/pg/postgresql/templates/backup/cronjob.yaml b/examples/embeddedfs/postgresql/templates/backup/cronjob.yaml similarity index 100% rename from cmd/examples/pg/postgresql/templates/backup/cronjob.yaml rename to examples/embeddedfs/postgresql/templates/backup/cronjob.yaml diff --git a/cmd/examples/pg/postgresql/templates/backup/pvc.yaml b/examples/embeddedfs/postgresql/templates/backup/pvc.yaml similarity index 100% rename from cmd/examples/pg/postgresql/templates/backup/pvc.yaml rename to examples/embeddedfs/postgresql/templates/backup/pvc.yaml diff --git a/cmd/examples/pg/postgresql/templates/extra-list.yaml b/examples/embeddedfs/postgresql/templates/extra-list.yaml similarity index 100% rename from cmd/examples/pg/postgresql/templates/extra-list.yaml rename to examples/embeddedfs/postgresql/templates/extra-list.yaml diff --git a/cmd/examples/pg/postgresql/templates/primary/configmap.yaml b/examples/embeddedfs/postgresql/templates/primary/configmap.yaml similarity index 100% rename from cmd/examples/pg/postgresql/templates/primary/configmap.yaml rename to examples/embeddedfs/postgresql/templates/primary/configmap.yaml diff --git a/cmd/examples/pg/postgresql/templates/primary/extended-configmap.yaml b/examples/embeddedfs/postgresql/templates/primary/extended-configmap.yaml similarity index 100% rename from cmd/examples/pg/postgresql/templates/primary/extended-configmap.yaml rename to examples/embeddedfs/postgresql/templates/primary/extended-configmap.yaml diff --git a/cmd/examples/pg/postgresql/templates/primary/initialization-configmap.yaml b/examples/embeddedfs/postgresql/templates/primary/initialization-configmap.yaml similarity index 100% rename from cmd/examples/pg/postgresql/templates/primary/initialization-configmap.yaml rename to examples/embeddedfs/postgresql/templates/primary/initialization-configmap.yaml diff --git a/cmd/examples/pg/postgresql/templates/primary/metrics-configmap.yaml b/examples/embeddedfs/postgresql/templates/primary/metrics-configmap.yaml similarity index 100% rename from cmd/examples/pg/postgresql/templates/primary/metrics-configmap.yaml rename to examples/embeddedfs/postgresql/templates/primary/metrics-configmap.yaml diff --git a/cmd/examples/pg/postgresql/templates/primary/metrics-svc.yaml b/examples/embeddedfs/postgresql/templates/primary/metrics-svc.yaml similarity index 100% rename from cmd/examples/pg/postgresql/templates/primary/metrics-svc.yaml rename to examples/embeddedfs/postgresql/templates/primary/metrics-svc.yaml diff --git a/cmd/examples/pg/postgresql/templates/primary/networkpolicy.yaml b/examples/embeddedfs/postgresql/templates/primary/networkpolicy.yaml similarity index 100% rename from cmd/examples/pg/postgresql/templates/primary/networkpolicy.yaml rename to examples/embeddedfs/postgresql/templates/primary/networkpolicy.yaml diff --git a/cmd/examples/pg/postgresql/templates/primary/servicemonitor.yaml b/examples/embeddedfs/postgresql/templates/primary/servicemonitor.yaml similarity index 100% rename from cmd/examples/pg/postgresql/templates/primary/servicemonitor.yaml rename to examples/embeddedfs/postgresql/templates/primary/servicemonitor.yaml diff --git a/cmd/examples/pg/postgresql/templates/primary/statefulset.yaml b/examples/embeddedfs/postgresql/templates/primary/statefulset.yaml similarity index 100% rename from cmd/examples/pg/postgresql/templates/primary/statefulset.yaml rename to examples/embeddedfs/postgresql/templates/primary/statefulset.yaml diff --git a/cmd/examples/pg/postgresql/templates/primary/svc-headless.yaml b/examples/embeddedfs/postgresql/templates/primary/svc-headless.yaml similarity index 100% rename from cmd/examples/pg/postgresql/templates/primary/svc-headless.yaml rename to examples/embeddedfs/postgresql/templates/primary/svc-headless.yaml diff --git a/cmd/examples/pg/postgresql/templates/primary/svc.yaml b/examples/embeddedfs/postgresql/templates/primary/svc.yaml similarity index 100% rename from cmd/examples/pg/postgresql/templates/primary/svc.yaml rename to examples/embeddedfs/postgresql/templates/primary/svc.yaml diff --git a/cmd/examples/pg/postgresql/templates/prometheusrule.yaml b/examples/embeddedfs/postgresql/templates/prometheusrule.yaml similarity index 100% rename from cmd/examples/pg/postgresql/templates/prometheusrule.yaml rename to examples/embeddedfs/postgresql/templates/prometheusrule.yaml diff --git a/cmd/examples/pg/postgresql/templates/psp.yaml b/examples/embeddedfs/postgresql/templates/psp.yaml similarity index 100% rename from cmd/examples/pg/postgresql/templates/psp.yaml rename to examples/embeddedfs/postgresql/templates/psp.yaml diff --git a/cmd/examples/pg/postgresql/templates/read/extended-configmap.yaml b/examples/embeddedfs/postgresql/templates/read/extended-configmap.yaml similarity index 100% rename from cmd/examples/pg/postgresql/templates/read/extended-configmap.yaml rename to examples/embeddedfs/postgresql/templates/read/extended-configmap.yaml diff --git a/cmd/examples/pg/postgresql/templates/read/metrics-configmap.yaml b/examples/embeddedfs/postgresql/templates/read/metrics-configmap.yaml similarity index 100% rename from cmd/examples/pg/postgresql/templates/read/metrics-configmap.yaml rename to examples/embeddedfs/postgresql/templates/read/metrics-configmap.yaml diff --git a/cmd/examples/pg/postgresql/templates/read/metrics-svc.yaml b/examples/embeddedfs/postgresql/templates/read/metrics-svc.yaml similarity index 100% rename from cmd/examples/pg/postgresql/templates/read/metrics-svc.yaml rename to examples/embeddedfs/postgresql/templates/read/metrics-svc.yaml diff --git a/cmd/examples/pg/postgresql/templates/read/networkpolicy.yaml b/examples/embeddedfs/postgresql/templates/read/networkpolicy.yaml similarity index 100% rename from cmd/examples/pg/postgresql/templates/read/networkpolicy.yaml rename to examples/embeddedfs/postgresql/templates/read/networkpolicy.yaml diff --git a/cmd/examples/pg/postgresql/templates/read/servicemonitor.yaml b/examples/embeddedfs/postgresql/templates/read/servicemonitor.yaml similarity index 100% rename from cmd/examples/pg/postgresql/templates/read/servicemonitor.yaml rename to examples/embeddedfs/postgresql/templates/read/servicemonitor.yaml diff --git a/cmd/examples/pg/postgresql/templates/read/statefulset.yaml b/examples/embeddedfs/postgresql/templates/read/statefulset.yaml similarity index 100% rename from cmd/examples/pg/postgresql/templates/read/statefulset.yaml rename to examples/embeddedfs/postgresql/templates/read/statefulset.yaml diff --git a/cmd/examples/pg/postgresql/templates/read/svc-headless.yaml b/examples/embeddedfs/postgresql/templates/read/svc-headless.yaml similarity index 100% rename from cmd/examples/pg/postgresql/templates/read/svc-headless.yaml rename to examples/embeddedfs/postgresql/templates/read/svc-headless.yaml diff --git a/cmd/examples/pg/postgresql/templates/read/svc.yaml b/examples/embeddedfs/postgresql/templates/read/svc.yaml similarity index 100% rename from cmd/examples/pg/postgresql/templates/read/svc.yaml rename to examples/embeddedfs/postgresql/templates/read/svc.yaml diff --git a/cmd/examples/pg/postgresql/templates/role.yaml b/examples/embeddedfs/postgresql/templates/role.yaml similarity index 100% rename from cmd/examples/pg/postgresql/templates/role.yaml rename to examples/embeddedfs/postgresql/templates/role.yaml diff --git a/cmd/examples/pg/postgresql/templates/rolebinding.yaml b/examples/embeddedfs/postgresql/templates/rolebinding.yaml similarity index 100% rename from cmd/examples/pg/postgresql/templates/rolebinding.yaml rename to examples/embeddedfs/postgresql/templates/rolebinding.yaml diff --git a/cmd/examples/pg/postgresql/templates/secrets.yaml b/examples/embeddedfs/postgresql/templates/secrets.yaml similarity index 100% rename from cmd/examples/pg/postgresql/templates/secrets.yaml rename to examples/embeddedfs/postgresql/templates/secrets.yaml diff --git a/cmd/examples/pg/postgresql/templates/serviceaccount.yaml b/examples/embeddedfs/postgresql/templates/serviceaccount.yaml similarity index 100% rename from cmd/examples/pg/postgresql/templates/serviceaccount.yaml rename to examples/embeddedfs/postgresql/templates/serviceaccount.yaml diff --git a/cmd/examples/pg/postgresql/templates/tls-secrets.yaml b/examples/embeddedfs/postgresql/templates/tls-secrets.yaml similarity index 100% rename from cmd/examples/pg/postgresql/templates/tls-secrets.yaml rename to examples/embeddedfs/postgresql/templates/tls-secrets.yaml diff --git a/cmd/examples/pg/postgresql/values.schema.json b/examples/embeddedfs/postgresql/values.schema.json similarity index 100% rename from cmd/examples/pg/postgresql/values.schema.json rename to examples/embeddedfs/postgresql/values.schema.json diff --git a/cmd/examples/pg/postgresql/values.yaml b/examples/embeddedfs/postgresql/values.yaml similarity index 100% rename from cmd/examples/pg/postgresql/values.yaml rename to examples/embeddedfs/postgresql/values.yaml diff --git a/cmd/examples/pg/values.go b/examples/embeddedfs/values.go similarity index 100% rename from cmd/examples/pg/values.go rename to examples/embeddedfs/values.go diff --git a/cmd/examples/internal/flights/redis/flight.go b/examples/internal/flights/redis/flight.go similarity index 100% rename from cmd/examples/internal/flights/redis/flight.go rename to examples/internal/flights/redis/flight.go diff --git a/cmd/examples/internal/flights/redis/redis-18.17.0.tgz b/examples/internal/flights/redis/redis-18.17.0.tgz similarity index 100% rename from cmd/examples/internal/flights/redis/redis-18.17.0.tgz rename to examples/internal/flights/redis/redis-18.17.0.tgz diff --git a/cmd/examples/internal/flights/redis/values.go b/examples/internal/flights/redis/values.go similarity index 100% rename from cmd/examples/internal/flights/redis/values.go rename to examples/internal/flights/redis/values.go diff --git a/examples/lookup/main.go b/examples/lookup/main.go new file mode 100644 index 0000000..18e4eed --- /dev/null +++ b/examples/lookup/main.go @@ -0,0 +1,61 @@ +package main + +import ( + "crypto/rand" + "encoding/json" + "fmt" + "os" + + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + "github.com/yokecd/yoke/pkg/flight" + "github.com/yokecd/yoke/pkg/flight/wasi/k8s" +) + +func main() { + if err := run(); err != nil { + fmt.Fprintln(os.Stderr, err) + os.Exit(1) + } +} + +func run() error { + secretName := flight.Release() + "-example" + + secret, err := k8s.Lookup[corev1.Secret](k8s.ResourceIdentifier{ + ApiVersion: "v1", + Kind: "Secret", + Name: secretName, + Namespace: flight.Namespace(), + }) + if err != nil && !k8s.IsErrNotFound(err) { + return fmt.Errorf("failed to lookup secret: %v", err) + } + + return json.NewEncoder(os.Stdout).Encode(corev1.Secret{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "v1", + Kind: "Secret", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: secretName, + }, + StringData: map[string]string{ + "password": func() string { + if secret != nil { + // if the secret already exists we want to reuse the example value instead of generating a new random string. + return string(secret.Data["password"]) + } + // Since the secret does not exist we need to generate a new password via the power of entropy! + return RandomString() + }(), + }, + }) +} + +func RandomString() string { + buf := make([]byte, 6) + rand.Read(buf) + return fmt.Sprintf("%x", buf) +} diff --git a/cmd/examples/redis/main.go b/examples/redis/main.go similarity index 86% rename from cmd/examples/redis/main.go rename to examples/redis/main.go index d967d79..13bd338 100644 --- a/cmd/examples/redis/main.go +++ b/examples/redis/main.go @@ -6,7 +6,7 @@ import ( "fmt" "os" - "github.com/yokecd/yoke/cmd/examples/internal/flights/redis" + "github.com/yokecd/yoke/examples/internal/flights/redis" ) func main() { diff --git a/go.mod b/go.mod index 8684e45..171ab56 100644 --- a/go.mod +++ b/go.mod @@ -1,11 +1,11 @@ module github.com/yokecd/yoke -go 1.23.0 +go 1.24.0 require ( github.com/alecthomas/chroma/v2 v2.15.0 github.com/charmbracelet/bubbles v0.20.0 - github.com/charmbracelet/bubbletea v1.3.2 + github.com/charmbracelet/bubbletea v1.3.3 github.com/charmbracelet/lipgloss v1.0.0 github.com/davidmdm/ansi v0.0.6 github.com/davidmdm/conf v0.0.8 @@ -13,7 +13,7 @@ require ( github.com/davidmdm/x/xerr v0.0.3 github.com/davidmdm/x/xruntime v0.0.5 github.com/go-git/go-git/v5 v5.13.2 - github.com/jedib0t/go-pretty/v6 v6.6.5 + github.com/jedib0t/go-pretty/v6 v6.6.6 github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 github.com/stretchr/testify v1.10.0 github.com/tetratelabs/wazero v1.6.0 @@ -44,7 +44,7 @@ require ( github.com/cloudflare/circl v1.6.0 // indirect github.com/cyphar/filepath-securejoin v0.4.1 // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect - github.com/dlclark/regexp2 v1.11.4 // indirect + github.com/dlclark/regexp2 v1.11.5 // indirect github.com/emicklei/go-restful/v3 v3.12.1 // indirect github.com/emirpasic/gods v1.18.1 // indirect github.com/erikgeiser/coninput v0.0.0-20211004153227-1c3628e74d0f // indirect diff --git a/go.sum b/go.sum index 5a45389..a37a870 100644 --- a/go.sum +++ b/go.sum @@ -33,8 +33,8 @@ github.com/aymanbagabas/go-udiff v0.2.0 h1:TK0fH4MteXUDspT88n8CKzvK0X9O2xu9yQjWp github.com/aymanbagabas/go-udiff v0.2.0/go.mod h1:RE4Ex0qsGkTAJoQdQQCA0uG+nAzJO/pI/QwceO5fgrA= github.com/charmbracelet/bubbles v0.20.0 h1:jSZu6qD8cRQ6k9OMfR1WlM+ruM8fkPWkHvQWD9LIutE= github.com/charmbracelet/bubbles v0.20.0/go.mod h1:39slydyswPy+uVOHZ5x/GjwVAFkCsV8IIVy+4MhzwwU= -github.com/charmbracelet/bubbletea v1.3.2 h1:nc+gDivH0P8ii8CUcf3zCN/PiUz7LKbp3Iz+vYPScNY= -github.com/charmbracelet/bubbletea v1.3.2/go.mod h1:dtcUCyCGEX3g9tosuYiut3MXgY/Jsv9nKVdibKKRRXo= +github.com/charmbracelet/bubbletea v1.3.3 h1:WpU6fCY0J2vDWM3zfS3vIDi/ULq3SYphZhkAGGvmEUY= +github.com/charmbracelet/bubbletea v1.3.3/go.mod h1:dtcUCyCGEX3g9tosuYiut3MXgY/Jsv9nKVdibKKRRXo= github.com/charmbracelet/lipgloss v1.0.0 h1:O7VkGDvqEdGi93X+DeqsQ7PKHDgtQfF8j8/O2qFMQNg= github.com/charmbracelet/lipgloss v1.0.0/go.mod h1:U5fy9Z+C38obMs+T+tJqst9VGzlOYGj4ri9reL3qUlo= github.com/charmbracelet/x/ansi v0.8.0 h1:9GTq3xq9caJW8ZrBTe0LIe2fvfLR/bYXKTx2llXn7xE= @@ -61,8 +61,8 @@ github.com/davidmdm/x/xerr v0.0.3 h1:WwHvo6qzR+eRmHq69Ftgb7PL9832iwy313XpQyJRGtM github.com/davidmdm/x/xerr v0.0.3/go.mod h1:nEfdhUc3O/FmGUGLiJp2hHRhBeANkon7PJexIQ1DlAE= github.com/davidmdm/x/xruntime v0.0.5 h1:qIL9l5vHae7IDbSRTAAmjb1Tsldespr0uMMYqxpproI= github.com/davidmdm/x/xruntime v0.0.5/go.mod h1:kWVLaIS0EKxZ5NkeSytIDmKBlZjDrAnqbClPhdmUDu4= -github.com/dlclark/regexp2 v1.11.4 h1:rPYF9/LECdNymJufQKmri9gV604RvvABwgOA8un7yAo= -github.com/dlclark/regexp2 v1.11.4/go.mod h1:DHkYz0B9wPfa6wondMfaivmHpzrQ3v9q8cnmRbL6yW8= +github.com/dlclark/regexp2 v1.11.5 h1:Q/sSnsKerHeCkc/jSTNq1oCm7KiVgUMZRDUoRu0JQZQ= +github.com/dlclark/regexp2 v1.11.5/go.mod h1:DHkYz0B9wPfa6wondMfaivmHpzrQ3v9q8cnmRbL6yW8= github.com/elazarl/goproxy v1.4.0 h1:4GyuSbFa+s26+3rmYNSuUVsx+HgPrV1bk1jXI0l9wjM= github.com/elazarl/goproxy v1.4.0/go.mod h1:X/5W/t+gzDyLfHW4DrMdpjqYjpXsURlBt9lpBDxZZZQ= github.com/emicklei/go-restful/v3 v3.12.1 h1:PJMDIM/ak7btuL8Ex0iYET9hxM3CI2sjZtzpL63nKAU= @@ -121,8 +121,8 @@ github.com/huandu/xstrings v1.5.0 h1:2ag3IFq9ZDANvthTwTiqSSZLjDc+BedvHPAp5tJy2TI github.com/huandu/xstrings v1.5.0/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A= github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo= -github.com/jedib0t/go-pretty/v6 v6.6.5 h1:9PgMJOVBedpgYLI56jQRJYqngxYAAzfEUua+3NgSqAo= -github.com/jedib0t/go-pretty/v6 v6.6.5/go.mod h1:Uq/HrbhuFty5WSVNfjpQQe47x16RwVGXIveNGEyGtHs= +github.com/jedib0t/go-pretty/v6 v6.6.6 h1:LyezkL+1SuqH2z47e5IMQkYUIcs2BD+MnpdPRiRcN0c= +github.com/jedib0t/go-pretty/v6 v6.6.6/go.mod h1:YwC5CE4fJ1HFUDeivSV1r//AmANFHyqczZk+U6BDALU= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= diff --git a/internal/atc/atc.go b/internal/atc/atc.go index da2e9d3..04aab56 100644 --- a/internal/atc/atc.go +++ b/internal/atc/atc.go @@ -203,7 +203,8 @@ func (atc atc) Reconcile(ctx context.Context, event ctrl.Event) (result ctrl.Res return fmt.Errorf("failed to load wasm: %w", err) } mod, err := wasi.Compile(ctx, wasi.CompileParams{ - Wasm: data, + Wasm: data, + Client: ctrl.Client(ctx), }) if err != nil { return fmt.Errorf("failed to compile wasm: %w", err) @@ -349,13 +350,10 @@ func (atc atc) Reconcile(ctx context.Context, event ctrl.Event) (result ctrl.Res flightController, err := ctrl.NewController(flightCtx, ctrl.Params{ GK: flightGK, Handler: atc.FlightReconciler(FlightReconcilerParams{ - GK: flightGK, - Airway: typedAirway.Name, - Version: storageVersion, - Flight: modules.Flight, - FixDriftInterval: typedAirway.Spec.FixDriftInterval.Duration(), - CreateCrds: typedAirway.Spec.CreateCRDs, - ObjectPath: typedAirway.Spec.ObjectPath, + GK: flightGK, + Airway: typedAirway, + Version: storageVersion, + Flight: modules.Flight, }), Client: ctrl.Client(ctx), Logger: ctrl.RootLogger(ctx), @@ -393,13 +391,10 @@ func (atc atc) Teardown() { } type FlightReconcilerParams struct { - GK schema.GroupKind - Airway string - Version string - Flight *wasm.Module - FixDriftInterval time.Duration - CreateCrds bool - ObjectPath []string + GK schema.GroupKind + Version string + Flight *wasm.Module + Airway v1alpha1.Airway } func (atc atc) FlightReconciler(params FlightReconcilerParams) ctrl.HandleFunc { @@ -495,9 +490,9 @@ func (atc atc) FlightReconciler(params FlightReconcilerParams) ctrl.HandleFunc { return ctrl.Result{}, nil } - object, _, err := unstructured.NestedFieldNoCopy(resource.Object, params.ObjectPath...) + object, _, err := unstructured.NestedFieldNoCopy(resource.Object, params.Airway.Spec.ObjectPath...) if err != nil { - return ctrl.Result{}, fmt.Errorf("failed to get object path from: %q: %v", strings.Join(params.ObjectPath, ","), err) + return ctrl.Result{}, fmt.Errorf("failed to get object path from: %q: %v", strings.Join(params.Airway.Spec.ObjectPath, ","), err) } data, err := json.Marshal(object) @@ -513,6 +508,7 @@ func (atc atc) FlightReconciler(params FlightReconcilerParams) ctrl.HandleFunc { Input: bytes.NewReader(data), Namespace: event.Namespace, }, + ClusterAccess: params.Airway.Spec.ClusterAccess, OwnerReferences: []metav1.OwnerReference{ { APIVersion: resource.GetAPIVersion(), @@ -544,7 +540,7 @@ func (atc atc) FlightReconciler(params FlightReconcilerParams) ctrl.HandleFunc { ctrl.Logger(ctx).Warn("takeoff succeeded despite warnings", "warning", err) } - if params.FixDriftInterval > 0 { + if params.Airway.Spec.FixDriftInterval > 0 { flightStatus("InProgress", "Fixing drift / turbulence") if err := commander.Turbulence(ctx, yoke.TurbulenceParams{ Release: event.String(), @@ -557,7 +553,7 @@ func (atc atc) FlightReconciler(params FlightReconcilerParams) ctrl.HandleFunc { flightStatus("Ready", "Successfully deployed") - return ctrl.Result{RequeueAfter: params.FixDriftInterval}, nil + return ctrl.Result{RequeueAfter: params.Airway.Spec.FixDriftInterval.Duration()}, nil } } diff --git a/internal/wasi/wasi.go b/internal/wasi/wasi.go index 8468b0b..53a7bf9 100644 --- a/internal/wasi/wasi.go +++ b/internal/wasi/wasi.go @@ -2,6 +2,7 @@ package wasi import ( "bytes" + "cmp" "context" "crypto/rand" "fmt" @@ -9,11 +10,21 @@ import ( "reflect" "github.com/tetratelabs/wazero" + "github.com/tetratelabs/wazero/api" "github.com/tetratelabs/wazero/imports/wasi_snapshot_preview1" + "k8s.io/apimachinery/pkg/api/meta" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime/schema" + "k8s.io/client-go/dynamic" + "github.com/davidmdm/x/xerr" + kerrors "k8s.io/apimachinery/pkg/api/errors" + "github.com/yokecd/yoke/internal" + "github.com/yokecd/yoke/internal/k8s" + "github.com/yokecd/yoke/internal/wasm" ) type ExecParams struct { @@ -24,6 +35,7 @@ type ExecParams struct { Args []string Env map[string]string CacheDir string + Client *k8s.Client } func Execute(ctx context.Context, params ExecParams) (output []byte, err error) { @@ -36,6 +48,7 @@ func Execute(ctx context.Context, params ExecParams) (output []byte, err error) mod, err := Compile(ctx, CompileParams{ Wasm: params.Wasm, CacheDir: params.CacheDir, + Client: params.Client, }) if err != nil { return nil, nil, fmt.Errorf("failed to compile module: %w", err) @@ -89,6 +102,7 @@ func Execute(ctx context.Context, params ExecParams) (output []byte, err error) type CompileParams struct { Wasm []byte CacheDir string + Client *k8s.Client } type Module struct { @@ -143,6 +157,74 @@ func Compile(ctx context.Context, params CompileParams) (Module, error) { runtime := wazero.NewRuntimeWithConfig(ctx, cfg) + hostModule := runtime.NewHostModuleBuilder("host") + + for name, fn := range map[string]any{ + "k8s_lookup": func(ctx context.Context, module api.Module, stateRef wasm.Ptr, name, namespace, kind, apiVersion wasm.String) wasm.Buffer { + if params.Client == nil { + return wasm.Error(ctx, module, stateRef, wasm.StateFeatureNotGranted, "") + } + + gv, err := schema.ParseGroupVersion(apiVersion.Load(module)) + if err != nil { + return wasm.Error(ctx, module, stateRef, wasm.StateError, err.Error()) + } + + mapping, err := params.Client.Mapper.RESTMapping(schema.GroupKind{Group: gv.Group, Kind: kind.Load(module)}, gv.Version) + if err != nil { + return wasm.Error(ctx, module, stateRef, wasm.StateError, err.Error()) + } + + intf := func() dynamic.ResourceInterface { + intf := params.Client.Dynamic.Resource(mapping.Resource) + if mapping.Scope == meta.RESTScopeNamespace { + return intf.Namespace(cmp.Or(namespace.Load(module), "default")) + } + return intf + }() + + resource, err := intf.Get(ctx, name.Load(module), metav1.GetOptions{}) + if err != nil { + errState := func() wasm.State { + switch { + case kerrors.IsNotFound(err): + return wasm.StateNotFound + case kerrors.IsForbidden(err): + return wasm.StateForbidden + case kerrors.IsUnauthorized(err): + return wasm.StateUnauthenticated + default: + return wasm.StateError + } + }() + return wasm.Error(ctx, module, stateRef, errState, err.Error()) + } + + data, err := resource.MarshalJSON() + if err != nil { + return wasm.Error(ctx, module, stateRef, wasm.StateError, err.Error()) + } + + results, err := module.ExportedFunction("malloc").Call(ctx, uint64(len(data))) + if err != nil { + // if we cannot malloc, let's crash with gumption. + panic(err) + } + + buffer := wasm.Buffer(results[0]) + + module.Memory().Write(buffer.Address(), data) + + return buffer + }, + } { + hostModule = hostModule.NewFunctionBuilder().WithFunc(fn).Export(name) + } + + if _, err := hostModule.Instantiate(ctx); err != nil { + return Module{}, fmt.Errorf("failed to instantiate host module: %w", err) + } + wasi_snapshot_preview1.MustInstantiate(ctx, runtime) mod, err := runtime.CompileModule(ctx, params.Wasm) diff --git a/internal/wasm/wasm.go b/internal/wasm/wasm.go new file mode 100644 index 0000000..edfc875 --- /dev/null +++ b/internal/wasm/wasm.go @@ -0,0 +1,98 @@ +package wasm + +import ( + "cmp" + "context" + "unsafe" + + "github.com/tetratelabs/wazero/api" +) + +type ( + String uint64 + Buffer uint64 + Ptr uint32 +) + +// State is used to convey the state of a host module function call. Given that a host function +// will generally do something the wasm module cannot do, it will likely do some sort of IO. +// This means that the call can either succeed or fail with some error. This allows us to interpret +// the returned memory buffer as either containing a value or an error. +// +// State is a uint32 allowing us to define well-known generic errors that packages can use to express semantic meaning. +// It is not exhaustive. As new use cases are added, we can add new semantic errors. +// +// Currently the only host function we expose is k8s.Lookup, this means means the host function can set any of the below states +// and the k8s package can use them to return meaningful error types to the user that they can in turn act upon. +type State uint32 + +const ( + StateOK State = iota + StateFeatureNotGranted + StateError + StateNotFound + StateUnauthenticated + StateForbidden +) + +func PtrTo[T any](value *T) Ptr { + return Ptr(uintptr(unsafe.Pointer(value))) +} + +func Malloc(ctx context.Context, module api.Module, data []byte) Buffer { + results, err := module.ExportedFunction("malloc").Call(ctx, uint64(len(data))) + if err != nil { + panic(err) + } + buffer := Buffer(results[0]) + module.Memory().Write(buffer.Address(), data) + return buffer +} + +func Error(ctx context.Context, module api.Module, ptr Ptr, state State, err string) Buffer { + mem := module.Memory() + mem.WriteUint32Le(uint32(ptr), uint32(cmp.Or(state, StateError))) + return Malloc(ctx, module, []byte(err)) +} + +func (value String) Load(module api.Module) string { + return string(value.LoadBytes(module)) +} + +func (value String) LoadBytes(module api.Module) []byte { + data, ok := module.Memory().Read(uint32(value>>32), uint32(value)) + if !ok { + panic("memory read out of bounds") + } + return data +} + +func FromString(value string) String { + position := uint32(uintptr(unsafe.Pointer(unsafe.StringData(value)))) + bytes := uint32(len(value)) + return String(uint64(position)<<32 | uint64(bytes)) +} + +func FromSlice(value []byte) Buffer { + if len(value) == 0 { + return 0 + } + ptr := uint64(uintptr(unsafe.Pointer(&value[0]))) + return Buffer(ptr<<32 | uint64(len(value))) +} + +func (buffer Buffer) Address() uint32 { + return uint32(buffer >> 32) +} + +func (buffer Buffer) Length() uint32 { + return uint32((buffer << 32) >> 32) +} + +func (buffer Buffer) Slice() []byte { + return unsafe.Slice((*byte)(unsafe.Pointer(uintptr(buffer.Address()))), buffer.Length()) +} + +func (buffer Buffer) String() string { + return unsafe.String((*byte)(unsafe.Pointer(uintptr(buffer.Address()))), buffer.Length()) +} diff --git a/pkg/apis/airway/v1alpha1/airway.go b/pkg/apis/airway/v1alpha1/airway.go index a312ed1..d766911 100644 --- a/pkg/apis/airway/v1alpha1/airway.go +++ b/pkg/apis/airway/v1alpha1/airway.go @@ -20,7 +20,7 @@ type Airway struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` Spec AirwaySpec `json:"spec"` - Status flight.Status `json:"status,omitempty"` + Status flight.Status `json:"status,omitzero"` } type AirwaySpec struct { @@ -38,9 +38,8 @@ type AirwaySpec struct { // you to enforce the desired state of your resource against external manipulation. FixDriftInterval openapi.Duration `json:"fixDriftInterval,omitempty"` - // CreateCRDs indicates that CRDs generated from instantiating the resource should be applied. By default, - // CRDs are not applied. It is generally recommended to install CustomResourceDefinitions beforehand. - CreateCRDs bool `json:"createCrds,omitempty"` + // ClusterAccess allows the flight to lookup resources in the cluster. Resources are limited to those owned by the calling release. + ClusterAccess bool `json:"clusterAccess,omitempty"` // Template is the CustomResourceDefinition Specification to create. A CRD will be created using this specification // and bound to the implementation defined by the WasmURLs.Flight property. diff --git a/pkg/flight/wasi/k8s/errors.go b/pkg/flight/wasi/k8s/errors.go new file mode 100644 index 0000000..72d1e08 --- /dev/null +++ b/pkg/flight/wasi/k8s/errors.go @@ -0,0 +1,44 @@ +package k8s + +import "errors" + +type ErrorNotFound string + +func (err ErrorNotFound) Error() string { return string(err) } + +func (ErrorNotFound) Is(target error) bool { + _, ok := target.(ErrorNotFound) + return ok +} + +func IsErrNotFound(err error) bool { + return errors.Is(err, ErrorNotFound("")) +} + +type ErrorUnauthenticated string + +func (err ErrorUnauthenticated) Error() string { return string(err) } + +func (ErrorUnauthenticated) Is(target error) bool { + _, ok := target.(ErrorUnauthenticated) + return ok +} + +func IsErrUnauthenticated(err error) bool { + return errors.Is(err, ErrorUnauthenticated("")) +} + +type ErrorForbidden string + +func (err ErrorForbidden) Error() string { return string(err) } + +func (ErrorForbidden) Is(target error) bool { + _, ok := target.(ErrorForbidden) + return ok +} + +func IsErrForbidden(err error) bool { + return errors.Is(err, ErrorForbidden("")) +} + +var ErrorClusterAccessNotGranted = errors.New("access to the cluster has not been granted for this flight invocation") diff --git a/pkg/flight/wasi/k8s/k8s.go b/pkg/flight/wasi/k8s/k8s.go new file mode 100644 index 0000000..4df77f9 --- /dev/null +++ b/pkg/flight/wasi/k8s/k8s.go @@ -0,0 +1,76 @@ +package k8s + +import ( + "encoding/json" + "errors" + + "github.com/yokecd/yoke/internal" + "github.com/yokecd/yoke/internal/wasm" + + "github.com/yokecd/yoke/pkg/flight" + // Make sure to include wasi as it contains necessary "malloc" export that will be needed + // for the host to allocate a wasm.Buffer. IE: any wasm module that uses this package exports wasi.malloc + _ "github.com/yokecd/yoke/pkg/flight/wasi" +) + +type ResourceIdentifier struct { + Name string + Namespace string + Kind string + ApiVersion string +} + +func Lookup[T any](identifier ResourceIdentifier) (*T, error) { + var state wasm.State + + buffer := lookup( + wasm.PtrTo(&state), + wasm.FromString(identifier.Name), + wasm.FromString(identifier.Namespace), + wasm.FromString(identifier.Kind), + wasm.FromString(identifier.ApiVersion), + ) + + switch state { + case wasm.StateOK: + var obj struct { + Metadata struct { + Labels map[string]string `json:"labels,omitempty"` + } `json:"metadata,omitempty"` + } + if err := json.Unmarshal(buffer.Slice(), &obj); err != nil { + return nil, err + } + + labels := func() map[string]string { + if obj.Metadata.Labels == nil { + return map[string]string{} + } + return obj.Metadata.Labels + }() + + if labels[internal.LabelYokeRelease] != flight.Release() || labels[internal.LabelYokeReleaseNS] != flight.Namespace() { + return nil, ErrorForbidden("cannot access resource outside of target release ownership") + } + + var resource T + if err := json.Unmarshal(buffer.Slice(), &resource); err != nil { + return nil, err + } + + return &resource, nil + case wasm.StateFeatureNotGranted: + return nil, ErrorClusterAccessNotGranted + case wasm.StateError: + return nil, errors.New(buffer.String()) + case wasm.StateForbidden: + return nil, ErrorForbidden(buffer.String()) + case wasm.StateNotFound: + return nil, ErrorNotFound(buffer.String()) + case wasm.StateUnauthenticated: + return nil, ErrorUnauthenticated(buffer.String()) + + default: + panic("unknown state") + } +} diff --git a/pkg/flight/wasi/k8s/lookup.go b/pkg/flight/wasi/k8s/lookup.go new file mode 100644 index 0000000..7861514 --- /dev/null +++ b/pkg/flight/wasi/k8s/lookup.go @@ -0,0 +1,9 @@ +//go:build !wasip1 + +package k8s + +import "github.com/yokecd/yoke/internal/wasm" + +func lookup(ptr wasm.Ptr, name, namespace, kind, apiversion wasm.String) wasm.Buffer { + panic("mock lookup not implemented: should be used in the context of wasip1") +} diff --git a/pkg/flight/wasi/k8s/lookup_wasip1.go b/pkg/flight/wasi/k8s/lookup_wasip1.go new file mode 100644 index 0000000..5e621fa --- /dev/null +++ b/pkg/flight/wasi/k8s/lookup_wasip1.go @@ -0,0 +1,8 @@ +//go:build wasip1 + +package k8s + +import "github.com/yokecd/yoke/internal/wasm" + +//go:wasmimport host k8s_lookup +func lookup(ptr wasm.Ptr, name, namespace, kind, apiversion wasm.String) wasm.Buffer diff --git a/pkg/flight/wasi/malloc.go b/pkg/flight/wasi/malloc.go new file mode 100644 index 0000000..96ad173 --- /dev/null +++ b/pkg/flight/wasi/malloc.go @@ -0,0 +1,10 @@ +// wasi exports essentials from the wasm client-side for working with wasm from the host. +// It exports a "malloc" func to let hosts allocate memory within the wasm module. +package wasi + +import "github.com/yokecd/yoke/internal/wasm" + +//go:wasmexport malloc +func malloc(size uint32) wasm.Buffer { + return wasm.FromSlice(make([]byte, size)) +} diff --git a/pkg/openapi/schema.go b/pkg/openapi/schema.go index 14ad723..0c06cb8 100644 --- a/pkg/openapi/schema.go +++ b/pkg/openapi/schema.go @@ -115,7 +115,7 @@ func generateSchema(typ reflect.Type, top bool, cache typeCache) *apiext.JSONSch continue } - if !strings.HasSuffix(jTag, ",omitempty") && f.Type.Kind() != reflect.Pointer { + if !strings.HasSuffix(jTag, ",omitempty") && !strings.HasSuffix(jTag, ",omitzero") && f.Type.Kind() != reflect.Pointer { schema.Required = append(schema.Required, key) } diff --git a/pkg/openapi/schema_test.go b/pkg/openapi/schema_test.go index e573a5d..962a658 100644 --- a/pkg/openapi/schema_test.go +++ b/pkg/openapi/schema_test.go @@ -2,6 +2,7 @@ package openapi_test import ( "encoding/json" + "os" "reflect" "testing" @@ -84,6 +85,8 @@ func TestAirwaySchema(t *testing.T) { data, err := json.MarshalIndent(schema, "", " ") require.NoError(t, err) + os.WriteFile("temp.schema.json", data, 0644) + require.JSONEq(t, string(data), `{ "type": "object", "required": [ @@ -97,7 +100,7 @@ func TestAirwaySchema(t *testing.T) { "template" ], "properties": { - "createCrds": { + "clusterAccess": { "type": "boolean" }, "fixDriftInterval": { diff --git a/pkg/openapi/temp.schema.json b/pkg/openapi/temp.schema.json new file mode 100644 index 0000000..b642cc6 --- /dev/null +++ b/pkg/openapi/temp.schema.json @@ -0,0 +1,550 @@ +{ + "type": "object", + "required": [ + "spec" + ], + "properties": { + "spec": { + "type": "object", + "required": [ + "wasmUrls", + "template" + ], + "properties": { + "clusterAccess": { + "type": "boolean" + }, + "fixDriftInterval": { + "type": "string" + }, + "objectPath": { + "type": "array", + "items": { + "type": "string" + } + }, + "template": { + "type": "object", + "required": [ + "group", + "names", + "scope", + "versions" + ], + "properties": { + "conversion": { + "type": "object", + "required": [ + "strategy" + ], + "properties": { + "strategy": { + "type": "string" + }, + "webhook": { + "type": "object", + "required": [ + "conversionReviewVersions" + ], + "properties": { + "clientConfig": { + "type": "object", + "properties": { + "caBundle": { + "type": "array", + "items": { + "type": "integer" + } + }, + "service": { + "type": "object", + "required": [ + "namespace", + "name" + ], + "properties": { + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + }, + "path": { + "type": "string" + }, + "port": { + "type": "integer" + } + } + }, + "url": { + "type": "string" + } + } + }, + "conversionReviewVersions": { + "type": "array", + "items": { + "type": "string" + } + } + } + } + } + }, + "group": { + "type": "string" + }, + "names": { + "type": "object", + "required": [ + "plural", + "kind" + ], + "properties": { + "categories": { + "type": "array", + "items": { + "type": "string" + } + }, + "kind": { + "type": "string" + }, + "listKind": { + "type": "string" + }, + "plural": { + "type": "string" + }, + "shortNames": { + "type": "array", + "items": { + "type": "string" + } + }, + "singular": { + "type": "string" + } + } + }, + "preserveUnknownFields": { + "type": "boolean" + }, + "scope": { + "type": "string" + }, + "versions": { + "type": "array", + "items": { + "type": "object", + "required": [ + "name", + "served", + "storage" + ], + "properties": { + "additionalPrinterColumns": { + "type": "array", + "items": { + "type": "object", + "required": [ + "name", + "type", + "jsonPath" + ], + "properties": { + "description": { + "type": "string" + }, + "format": { + "type": "string" + }, + "jsonPath": { + "type": "string" + }, + "name": { + "type": "string" + }, + "priority": { + "type": "integer" + }, + "type": { + "type": "string" + } + } + } + }, + "deprecated": { + "type": "boolean" + }, + "deprecationWarning": { + "type": "string" + }, + "name": { + "type": "string" + }, + "schema": { + "type": "object", + "properties": { + "openAPIV3Schema": { + "type": "object", + "properties": { + "$ref": { + "type": "string" + }, + "$schema": { + "type": "string" + }, + "additionalItems": { + "description": "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1:JSONSchemaPropsOrBool", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "additionalProperties": { + "type": "object", + "required": [ + "Allows" + ], + "properties": { + "Allows": { + "type": "boolean" + }, + "Schema": { + "description": "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1:JSONSchemaProps", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + } + } + }, + "allOf": { + "type": "array", + "items": { + "description": "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1:JSONSchemaProps", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + } + }, + "anyOf": { + "type": "array", + "items": { + "description": "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1:JSONSchemaProps", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + } + }, + "default": { + "type": "object", + "required": [ + "-" + ], + "properties": { + "-": { + "type": "array", + "items": { + "type": "integer" + } + } + } + }, + "definitions": { + "type": "object", + "additionalProperties": { + "description": "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1:JSONSchemaProps", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + } + }, + "dependencies": { + "type": "object", + "additionalProperties": { + "type": "object", + "required": [ + "Property" + ], + "properties": { + "Property": { + "type": "array", + "items": { + "type": "string" + } + }, + "Schema": { + "description": "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1:JSONSchemaProps", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + } + } + } + }, + "description": { + "type": "string" + }, + "enum": { + "type": "array", + "items": { + "description": "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1:JSON", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + } + }, + "example": { + "description": "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1:JSON", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "exclusiveMaximum": { + "type": "boolean" + }, + "exclusiveMinimum": { + "type": "boolean" + }, + "externalDocs": { + "type": "object", + "properties": { + "description": { + "type": "string" + }, + "url": { + "type": "string" + } + } + }, + "format": { + "type": "string" + }, + "id": { + "type": "string" + }, + "items": { + "type": "object", + "required": [ + "JSONSchemas" + ], + "properties": { + "JSONSchemas": { + "type": "array", + "items": { + "description": "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1:JSONSchemaProps", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + } + }, + "Schema": { + "description": "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1:JSONSchemaProps", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + } + } + }, + "maxItems": { + "type": "integer" + }, + "maxLength": { + "type": "integer" + }, + "maxProperties": { + "type": "integer" + }, + "maximum": { + "type": "number" + }, + "minItems": { + "type": "integer" + }, + "minLength": { + "type": "integer" + }, + "minProperties": { + "type": "integer" + }, + "minimum": { + "type": "number" + }, + "multipleOf": { + "type": "number" + }, + "not": { + "description": "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1:JSONSchemaProps", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + }, + "nullable": { + "type": "boolean" + }, + "oneOf": { + "type": "array", + "items": { + "description": "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1:JSONSchemaProps", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + } + }, + "pattern": { + "type": "string" + }, + "patternProperties": { + "type": "object", + "additionalProperties": { + "description": "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1:JSONSchemaProps", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + } + }, + "properties": { + "type": "object", + "additionalProperties": { + "description": "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1:JSONSchemaProps", + "type": "object", + "x-kubernetes-preserve-unknown-fields": true + } + }, + "required": { + "type": "array", + "items": { + "type": "string" + } + }, + "title": { + "type": "string" + }, + "type": { + "type": "string" + }, + "uniqueItems": { + "type": "boolean" + }, + "x-kubernetes-embedded-resource": { + "type": "boolean" + }, + "x-kubernetes-int-or-string": { + "type": "boolean" + }, + "x-kubernetes-list-map-keys": { + "type": "array", + "items": { + "type": "string" + } + }, + "x-kubernetes-list-type": { + "type": "string" + }, + "x-kubernetes-map-type": { + "type": "string" + }, + "x-kubernetes-preserve-unknown-fields": { + "type": "boolean" + }, + "x-kubernetes-validations": { + "type": "array", + "items": { + "type": "object", + "required": [ + "rule" + ], + "properties": { + "fieldPath": { + "type": "string" + }, + "message": { + "type": "string" + }, + "messageExpression": { + "type": "string" + }, + "optionalOldSelf": { + "type": "boolean" + }, + "reason": { + "type": "string" + }, + "rule": { + "type": "string" + } + } + } + } + } + } + } + }, + "selectableFields": { + "type": "array", + "items": { + "type": "object", + "required": [ + "jsonPath" + ], + "properties": { + "jsonPath": { + "type": "string" + } + } + } + }, + "served": { + "type": "boolean" + }, + "storage": { + "type": "boolean" + }, + "subresources": { + "type": "object", + "properties": { + "scale": { + "type": "object", + "required": [ + "specReplicasPath", + "statusReplicasPath" + ], + "properties": { + "labelSelectorPath": { + "type": "string" + }, + "specReplicasPath": { + "type": "string" + }, + "statusReplicasPath": { + "type": "string" + } + } + }, + "status": { + "type": "object" + } + } + } + } + } + } + } + }, + "wasmUrls": { + "type": "object", + "required": [ + "flight" + ], + "properties": { + "converter": { + "type": "string" + }, + "flight": { + "type": "string" + } + } + } + } + }, + "status": { + "type": "object", + "properties": { + "msg": { + "type": "string" + }, + "status": { + "type": "string" + } + } + } + } +} \ No newline at end of file diff --git a/pkg/yoke/wasm.go b/pkg/yoke/wasm.go index 08895f3..766adef 100644 --- a/pkg/yoke/wasm.go +++ b/pkg/yoke/wasm.go @@ -16,6 +16,7 @@ import ( "github.com/davidmdm/x/xerr" "github.com/yokecd/yoke/internal" + "github.com/yokecd/yoke/internal/k8s" "github.com/yokecd/yoke/internal/wasi" ) @@ -92,7 +93,7 @@ func gzipReader(r io.Reader) io.Reader { return pr } -func EvalFlight(ctx context.Context, release string, flight FlightParams) ([]byte, []byte, error) { +func EvalFlight(ctx context.Context, client *k8s.Client, release string, flight FlightParams) ([]byte, []byte, error) { if flight.Input != nil && flight.Path == "" && flight.Module == nil { output, err := io.ReadAll(flight.Input) return output, nil, err @@ -120,6 +121,7 @@ func EvalFlight(ctx context.Context, release string, flight FlightParams) ([]byt "NAMESPACE": flight.Namespace, }, CacheDir: flight.CompilationCacheDir, + Client: client, }) if err != nil { return nil, nil, fmt.Errorf("failed to execute wasm: %w", err) diff --git a/pkg/yoke/yoke_takeoff.go b/pkg/yoke/yoke_takeoff.go index 7328f05..eee864c 100644 --- a/pkg/yoke/yoke_takeoff.go +++ b/pkg/yoke/yoke_takeoff.go @@ -83,12 +83,25 @@ type TakeoffParams struct { // OwnerReferences to be added to each resource found in release. OwnerReferences []metav1.OwnerReference + + // ClusterAccess grants the flight access to the kubernetes cluster. Users will be able to use the host k8s_lookup function. + ClusterAccess bool } func (commander Commander) Takeoff(ctx context.Context, params TakeoffParams) error { defer internal.DebugTimer(ctx, "takeoff of "+params.Release)() - output, wasm, err := EvalFlight(ctx, params.Release, params.Flight) + output, wasm, err := EvalFlight( + ctx, + func() *k8s.Client { + if !params.ClusterAccess { + return nil + } + return commander.k8s + }(), + params.Release, + params.Flight, + ) if err != nil { return fmt.Errorf("failed to evaluate flight: %w", err) }