diff --git a/operators/camel-k/2.5.0/manifests/builds.camel.apache.org.crd.yaml b/operators/camel-k/2.5.0/manifests/builds.camel.apache.org.crd.yaml new file mode 100644 index 00000000000..e8686c21a5e --- /dev/null +++ b/operators/camel-k/2.5.0/manifests/builds.camel.apache.org.crd.yaml @@ -0,0 +1,2085 @@ +# --------------------------------------------------------------------------- +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# --------------------------------------------------------------------------- + +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + creationTimestamp: null + labels: + app: camel-k + name: builds.camel.apache.org +spec: + group: camel.apache.org + names: + categories: + - kamel + - camel + kind: Build + listKind: BuildList + plural: builds + shortNames: + - ikb + singular: build + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The build phase + jsonPath: .status.phase + name: Phase + type: string + - description: The time at which the build was created + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: The time at which the build was last (re-)started + jsonPath: .status.startedAt + name: Started + type: date + - description: The build last execution duration + jsonPath: .status.duration + name: Duration + type: string + - description: The number of execution attempts + jsonPath: .status.failure.recovery.attempt + name: Attempts + type: integer + name: v1 + schema: + openAPIV3Schema: + description: Build is the Schema for the builds API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: |- + BuildSpec defines the list of tasks to be execute for a Build. From Camel K version 2, it would be more appropriate + to think it as pipeline. + properties: + configuration: + description: |- + The configuration that should be used to perform the Build. + Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility + properties: + annotations: + additionalProperties: + type: string + description: Annotation to use for the builder pod. Only used + for `pod` strategy + type: object + limitCPU: + description: The maximum amount of CPU required. Only used for + `pod` strategy + type: string + limitMemory: + description: The maximum amount of memory required. Only used + for `pod` strategy + type: string + nodeSelector: + additionalProperties: + type: string + description: The node selector for the builder pod. Only used + for `pod` strategy + type: object + operatorNamespace: + description: The namespace where to run the builder Pod (must + be the same of the operator in charge of this Build reconciliation). + type: string + orderStrategy: + description: the build order strategy to adopt + enum: + - dependencies + - fifo + - sequential + type: string + platforms: + description: The list of platforms used in order to build a container + image. + items: + type: string + type: array + requestCPU: + description: The minimum amount of CPU required. Only used for + `pod` strategy + type: string + requestMemory: + description: The minimum amount of memory required. Only used + for `pod` strategy + type: string + strategy: + description: the strategy to adopt + enum: + - routine + - pod + type: string + toolImage: + description: The container image to be used to run the build. + type: string + type: object + maxRunningBuilds: + description: |- + the maximum amount of parallel running builds started by this operator instance + Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility + format: int32 + type: integer + operatorNamespace: + description: |- + The namespace where to run the builder Pod (must be the same of the operator in charge of this Build reconciliation). + Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility + type: string + tasks: + description: The sequence of tasks (pipeline) to be performed. + items: + description: Task represents the abstract task. Only one of the + task should be configured to represent the specific task chosen. + properties: + buildah: + description: |- + a BuildahTask, for Buildah strategy + Deprecated: use jib, s2i or a custom publishing strategy instead + properties: + baseImage: + description: base image layer + type: string + configuration: + description: The configuration that should be used to perform + the Build. + properties: + annotations: + additionalProperties: + type: string + description: Annotation to use for the builder pod. + Only used for `pod` strategy + type: object + limitCPU: + description: The maximum amount of CPU required. Only + used for `pod` strategy + type: string + limitMemory: + description: The maximum amount of memory required. + Only used for `pod` strategy + type: string + nodeSelector: + additionalProperties: + type: string + description: The node selector for the builder pod. + Only used for `pod` strategy + type: object + operatorNamespace: + description: The namespace where to run the builder + Pod (must be the same of the operator in charge of + this Build reconciliation). + type: string + orderStrategy: + description: the build order strategy to adopt + enum: + - dependencies + - fifo + - sequential + type: string + platforms: + description: The list of platforms used in order to + build a container image. + items: + type: string + type: array + requestCPU: + description: The minimum amount of CPU required. Only + used for `pod` strategy + type: string + requestMemory: + description: The minimum amount of memory required. + Only used for `pod` strategy + type: string + strategy: + description: the strategy to adopt + enum: + - routine + - pod + type: string + toolImage: + description: The container image to be used to run the + build. + type: string + type: object + contextDir: + description: can be useful to share info with other tasks + type: string + executorImage: + description: docker image to use + type: string + image: + description: final image name + type: string + name: + description: name of the task + type: string + platform: + description: The platform of build image + type: string + registry: + description: where to publish the final image + properties: + address: + description: the URI to access + type: string + ca: + description: the configmap which stores the Certificate + Authority + type: string + insecure: + description: if the container registry is insecure (ie, + http only) + type: boolean + organization: + description: the registry organization + type: string + secret: + description: the secret where credentials are stored + type: string + type: object + verbose: + description: log more information + type: boolean + type: object + builder: + description: a BuilderTask, used to generate and build the project + properties: + baseImage: + description: the base image layer + type: string + buildDir: + description: workspace directory to use + type: string + configuration: + description: The configuration that should be used to perform + the Build. + properties: + annotations: + additionalProperties: + type: string + description: Annotation to use for the builder pod. + Only used for `pod` strategy + type: object + limitCPU: + description: The maximum amount of CPU required. Only + used for `pod` strategy + type: string + limitMemory: + description: The maximum amount of memory required. + Only used for `pod` strategy + type: string + nodeSelector: + additionalProperties: + type: string + description: The node selector for the builder pod. + Only used for `pod` strategy + type: object + operatorNamespace: + description: The namespace where to run the builder + Pod (must be the same of the operator in charge of + this Build reconciliation). + type: string + orderStrategy: + description: the build order strategy to adopt + enum: + - dependencies + - fifo + - sequential + type: string + platforms: + description: The list of platforms used in order to + build a container image. + items: + type: string + type: array + requestCPU: + description: The minimum amount of CPU required. Only + used for `pod` strategy + type: string + requestMemory: + description: The minimum amount of memory required. + Only used for `pod` strategy + type: string + strategy: + description: the strategy to adopt + enum: + - routine + - pod + type: string + toolImage: + description: The container image to be used to run the + build. + type: string + type: object + dependencies: + description: the list of dependencies to use for this build + items: + type: string + type: array + maven: + description: the configuration required by Maven for the + application build phase + properties: + caSecrets: + description: |- + The Secrets name and key, containing the CA certificate(s) used to connect + to remote Maven repositories. + It can contain X.509 certificates, and PKCS#7 formatted certificate chains. + A JKS formatted keystore is automatically created to store the CA certificate(s), + and configured to be used as a trusted certificate(s) by the Maven commands. + Note that the root CA certificates are also imported into the created keystore. + items: + description: SecretKeySelector selects a key of a + Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: array + cliOptions: + description: |- + The CLI options that are appended to the list of arguments for Maven commands, + e.g., `-V,--no-transfer-progress,-Dstyle.color=never`. + See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html. + items: + type: string + type: array + extension: + description: |- + The Maven build extensions. + See https://maven.apache.org/guides/mini/guide-using-extensions.html. + items: + description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier) + Maven artifact. + properties: + artifactId: + description: Maven Artifact + type: string + classifier: + description: Maven Classifier + type: string + groupId: + description: Maven Group + type: string + type: + description: Maven Type + type: string + version: + description: Maven Version + type: string + required: + - artifactId + - groupId + type: object + type: array + localRepository: + description: The path of the local Maven repository. + type: string + profiles: + description: |- + A reference to the ConfigMap or Secret key that contains + the Maven profile. + items: + description: ValueSource --. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: array + properties: + additionalProperties: + type: string + description: The Maven properties. + type: object + repositories: + description: additional repositories + items: + description: Repository defines a Maven repository. + properties: + id: + description: identifies the repository + type: string + name: + description: name of the repository + type: string + releases: + description: can use stable releases + properties: + checksumPolicy: + description: |- + When Maven deploys files to the repository, it also deploys corresponding checksum files. + Your options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums. + type: string + enabled: + description: is the policy activated or not + type: boolean + updatePolicy: + description: |- + This element specifies how often updates should attempt to occur. + Maven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote. + The choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never` + type: string + required: + - enabled + type: object + snapshots: + description: can use snapshot + properties: + checksumPolicy: + description: |- + When Maven deploys files to the repository, it also deploys corresponding checksum files. + Your options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums. + type: string + enabled: + description: is the policy activated or not + type: boolean + updatePolicy: + description: |- + This element specifies how often updates should attempt to occur. + Maven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote. + The choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never` + type: string + required: + - enabled + type: object + url: + description: location of the repository + type: string + required: + - id + - url + type: object + type: array + servers: + description: Servers (auth) + items: + description: Server see link:https://maven.apache.org/settings.html[Maven + settings]. + properties: + configuration: + additionalProperties: + type: string + description: Properties -- . + type: object + id: + type: string + password: + type: string + username: + type: string + type: object + type: array + settings: + description: |- + A reference to the ConfigMap or Secret key that contains + the Maven settings. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + settingsSecurity: + description: |- + A reference to the ConfigMap or Secret key that contains + the security of the Maven settings. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: object + name: + description: name of the task + type: string + runtime: + description: the configuration required for the runtime + application + properties: + applicationClass: + description: application entry point (main) to be executed + type: string + capabilities: + additionalProperties: + description: |- + Capability is a particular feature which requires a well known set of dependencies and other properties + which are specified in the runtime catalog. + properties: + buildTimeProperties: + description: Set of required Camel build time + properties + items: + description: CamelProperty represents a Camel + property that may end up in an application.properties + file. + properties: + key: + type: string + value: + type: string + required: + - key + type: object + type: array + dependencies: + description: List of required Maven dependencies + items: + description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier) + Maven artifact. + properties: + artifactId: + description: Maven Artifact + type: string + classifier: + description: Maven Classifier + type: string + groupId: + description: Maven Group + type: string + type: + description: Maven Type + type: string + version: + description: Maven Version + type: string + required: + - artifactId + - groupId + type: object + type: array + metadata: + additionalProperties: + type: string + description: Set of generic metadata + type: object + runtimeProperties: + description: Set of required Camel runtime properties + items: + description: CamelProperty represents a Camel + property that may end up in an application.properties + file. + properties: + key: + type: string + value: + type: string + required: + - key + type: object + type: array + type: object + description: features offered by this runtime + type: object + dependencies: + description: list of dependencies needed to run the + application + items: + description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier) + Maven artifact. + properties: + artifactId: + description: Maven Artifact + type: string + classifier: + description: Maven Classifier + type: string + groupId: + description: Maven Group + type: string + type: + description: Maven Type + type: string + version: + description: Maven Version + type: string + required: + - artifactId + - groupId + type: object + type: array + metadata: + additionalProperties: + type: string + description: set of metadata + type: object + provider: + description: Camel main application provider, ie, Camel + Quarkus + type: string + version: + description: Camel K Runtime version + type: string + required: + - applicationClass + - dependencies + - provider + - version + type: object + sources: + description: the sources to add at build time + items: + description: SourceSpec defines the configuration for + one or more routes to be executed in a certain Camel + DSL language. + properties: + compression: + description: if the content is compressed (base64 + encrypted) + type: boolean + content: + description: the source code (plain text) + type: string + contentKey: + description: the confimap key holding the source content + type: string + contentRef: + description: the confimap reference holding the source + content + type: string + contentType: + description: the content type (tipically text or binary) + type: string + from-kamelet: + description: True if the spec is generated from a + Kamelet + type: boolean + interceptors: + description: |- + Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader + uses to pre/post process sources + Deprecated: no longer in use. + items: + type: string + type: array + language: + description: specify which is the language (Camel + DSL) used to interpret this source code + type: string + loader: + description: |- + Loader is an optional id of the org.apache.camel.k.RoutesLoader that will + interpret this source at runtime + type: string + name: + description: the name of the specification + type: string + path: + description: the path where the file is stored + type: string + property-names: + description: List of property names defined in the + source (e.g. if type is "template") + items: + type: string + type: array + rawContent: + description: the source code (binary) + format: byte + type: string + type: + description: Type defines the kind of source described + by this object + type: string + type: object + type: array + steps: + description: the list of steps to execute (see pkg/builder/) + items: + type: string + type: array + type: object + custom: + description: User customizable task execution. These are executed + after the build and before the package task. + properties: + command: + description: |- + the command to execute + Deprecated: use ContainerCommands + type: string + commands: + description: the command to execute + items: + type: string + type: array + configuration: + description: The configuration that should be used to perform + the Build. + properties: + annotations: + additionalProperties: + type: string + description: Annotation to use for the builder pod. + Only used for `pod` strategy + type: object + limitCPU: + description: The maximum amount of CPU required. Only + used for `pod` strategy + type: string + limitMemory: + description: The maximum amount of memory required. + Only used for `pod` strategy + type: string + nodeSelector: + additionalProperties: + type: string + description: The node selector for the builder pod. + Only used for `pod` strategy + type: object + operatorNamespace: + description: The namespace where to run the builder + Pod (must be the same of the operator in charge of + this Build reconciliation). + type: string + orderStrategy: + description: the build order strategy to adopt + enum: + - dependencies + - fifo + - sequential + type: string + platforms: + description: The list of platforms used in order to + build a container image. + items: + type: string + type: array + requestCPU: + description: The minimum amount of CPU required. Only + used for `pod` strategy + type: string + requestMemory: + description: The minimum amount of memory required. + Only used for `pod` strategy + type: string + strategy: + description: the strategy to adopt + enum: + - routine + - pod + type: string + toolImage: + description: The container image to be used to run the + build. + type: string + type: object + image: + description: the container image to use + type: string + name: + description: name of the task + type: string + publishingImage: + description: the desired image build name + type: string + userId: + description: the user id used to run the container + format: int64 + type: integer + type: object + jib: + description: a JibTask, for Jib strategy + properties: + baseImage: + description: base image layer + type: string + configuration: + description: The configuration that should be used to perform + the Build. + properties: + annotations: + additionalProperties: + type: string + description: Annotation to use for the builder pod. + Only used for `pod` strategy + type: object + limitCPU: + description: The maximum amount of CPU required. Only + used for `pod` strategy + type: string + limitMemory: + description: The maximum amount of memory required. + Only used for `pod` strategy + type: string + nodeSelector: + additionalProperties: + type: string + description: The node selector for the builder pod. + Only used for `pod` strategy + type: object + operatorNamespace: + description: The namespace where to run the builder + Pod (must be the same of the operator in charge of + this Build reconciliation). + type: string + orderStrategy: + description: the build order strategy to adopt + enum: + - dependencies + - fifo + - sequential + type: string + platforms: + description: The list of platforms used in order to + build a container image. + items: + type: string + type: array + requestCPU: + description: The minimum amount of CPU required. Only + used for `pod` strategy + type: string + requestMemory: + description: The minimum amount of memory required. + Only used for `pod` strategy + type: string + strategy: + description: the strategy to adopt + enum: + - routine + - pod + type: string + toolImage: + description: The container image to be used to run the + build. + type: string + type: object + contextDir: + description: can be useful to share info with other tasks + type: string + image: + description: final image name + type: string + name: + description: name of the task + type: string + registry: + description: where to publish the final image + properties: + address: + description: the URI to access + type: string + ca: + description: the configmap which stores the Certificate + Authority + type: string + insecure: + description: if the container registry is insecure (ie, + http only) + type: boolean + organization: + description: the registry organization + type: string + secret: + description: the secret where credentials are stored + type: string + type: object + type: object + kaniko: + description: |- + a KanikoTask, for Kaniko strategy + Deprecated: use jib, s2i or a custom publishing strategy instead + properties: + baseImage: + description: base image layer + type: string + cache: + description: use a cache + properties: + enabled: + description: true if a cache is enabled + type: boolean + persistentVolumeClaim: + description: the PVC used to store the cache + type: string + type: object + configuration: + description: The configuration that should be used to perform + the Build. + properties: + annotations: + additionalProperties: + type: string + description: Annotation to use for the builder pod. + Only used for `pod` strategy + type: object + limitCPU: + description: The maximum amount of CPU required. Only + used for `pod` strategy + type: string + limitMemory: + description: The maximum amount of memory required. + Only used for `pod` strategy + type: string + nodeSelector: + additionalProperties: + type: string + description: The node selector for the builder pod. + Only used for `pod` strategy + type: object + operatorNamespace: + description: The namespace where to run the builder + Pod (must be the same of the operator in charge of + this Build reconciliation). + type: string + orderStrategy: + description: the build order strategy to adopt + enum: + - dependencies + - fifo + - sequential + type: string + platforms: + description: The list of platforms used in order to + build a container image. + items: + type: string + type: array + requestCPU: + description: The minimum amount of CPU required. Only + used for `pod` strategy + type: string + requestMemory: + description: The minimum amount of memory required. + Only used for `pod` strategy + type: string + strategy: + description: the strategy to adopt + enum: + - routine + - pod + type: string + toolImage: + description: The container image to be used to run the + build. + type: string + type: object + contextDir: + description: can be useful to share info with other tasks + type: string + executorImage: + description: docker image to use + type: string + image: + description: final image name + type: string + name: + description: name of the task + type: string + registry: + description: where to publish the final image + properties: + address: + description: the URI to access + type: string + ca: + description: the configmap which stores the Certificate + Authority + type: string + insecure: + description: if the container registry is insecure (ie, + http only) + type: boolean + organization: + description: the registry organization + type: string + secret: + description: the secret where credentials are stored + type: string + type: object + verbose: + description: log more information + type: boolean + type: object + package: + description: |- + Application pre publishing + a PackageTask, used to package the project + properties: + baseImage: + description: the base image layer + type: string + buildDir: + description: workspace directory to use + type: string + configuration: + description: The configuration that should be used to perform + the Build. + properties: + annotations: + additionalProperties: + type: string + description: Annotation to use for the builder pod. + Only used for `pod` strategy + type: object + limitCPU: + description: The maximum amount of CPU required. Only + used for `pod` strategy + type: string + limitMemory: + description: The maximum amount of memory required. + Only used for `pod` strategy + type: string + nodeSelector: + additionalProperties: + type: string + description: The node selector for the builder pod. + Only used for `pod` strategy + type: object + operatorNamespace: + description: The namespace where to run the builder + Pod (must be the same of the operator in charge of + this Build reconciliation). + type: string + orderStrategy: + description: the build order strategy to adopt + enum: + - dependencies + - fifo + - sequential + type: string + platforms: + description: The list of platforms used in order to + build a container image. + items: + type: string + type: array + requestCPU: + description: The minimum amount of CPU required. Only + used for `pod` strategy + type: string + requestMemory: + description: The minimum amount of memory required. + Only used for `pod` strategy + type: string + strategy: + description: the strategy to adopt + enum: + - routine + - pod + type: string + toolImage: + description: The container image to be used to run the + build. + type: string + type: object + dependencies: + description: the list of dependencies to use for this build + items: + type: string + type: array + maven: + description: the configuration required by Maven for the + application build phase + properties: + caSecrets: + description: |- + The Secrets name and key, containing the CA certificate(s) used to connect + to remote Maven repositories. + It can contain X.509 certificates, and PKCS#7 formatted certificate chains. + A JKS formatted keystore is automatically created to store the CA certificate(s), + and configured to be used as a trusted certificate(s) by the Maven commands. + Note that the root CA certificates are also imported into the created keystore. + items: + description: SecretKeySelector selects a key of a + Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: array + cliOptions: + description: |- + The CLI options that are appended to the list of arguments for Maven commands, + e.g., `-V,--no-transfer-progress,-Dstyle.color=never`. + See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html. + items: + type: string + type: array + extension: + description: |- + The Maven build extensions. + See https://maven.apache.org/guides/mini/guide-using-extensions.html. + items: + description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier) + Maven artifact. + properties: + artifactId: + description: Maven Artifact + type: string + classifier: + description: Maven Classifier + type: string + groupId: + description: Maven Group + type: string + type: + description: Maven Type + type: string + version: + description: Maven Version + type: string + required: + - artifactId + - groupId + type: object + type: array + localRepository: + description: The path of the local Maven repository. + type: string + profiles: + description: |- + A reference to the ConfigMap or Secret key that contains + the Maven profile. + items: + description: ValueSource --. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: array + properties: + additionalProperties: + type: string + description: The Maven properties. + type: object + repositories: + description: additional repositories + items: + description: Repository defines a Maven repository. + properties: + id: + description: identifies the repository + type: string + name: + description: name of the repository + type: string + releases: + description: can use stable releases + properties: + checksumPolicy: + description: |- + When Maven deploys files to the repository, it also deploys corresponding checksum files. + Your options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums. + type: string + enabled: + description: is the policy activated or not + type: boolean + updatePolicy: + description: |- + This element specifies how often updates should attempt to occur. + Maven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote. + The choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never` + type: string + required: + - enabled + type: object + snapshots: + description: can use snapshot + properties: + checksumPolicy: + description: |- + When Maven deploys files to the repository, it also deploys corresponding checksum files. + Your options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums. + type: string + enabled: + description: is the policy activated or not + type: boolean + updatePolicy: + description: |- + This element specifies how often updates should attempt to occur. + Maven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote. + The choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never` + type: string + required: + - enabled + type: object + url: + description: location of the repository + type: string + required: + - id + - url + type: object + type: array + servers: + description: Servers (auth) + items: + description: Server see link:https://maven.apache.org/settings.html[Maven + settings]. + properties: + configuration: + additionalProperties: + type: string + description: Properties -- . + type: object + id: + type: string + password: + type: string + username: + type: string + type: object + type: array + settings: + description: |- + A reference to the ConfigMap or Secret key that contains + the Maven settings. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + settingsSecurity: + description: |- + A reference to the ConfigMap or Secret key that contains + the security of the Maven settings. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: object + name: + description: name of the task + type: string + runtime: + description: the configuration required for the runtime + application + properties: + applicationClass: + description: application entry point (main) to be executed + type: string + capabilities: + additionalProperties: + description: |- + Capability is a particular feature which requires a well known set of dependencies and other properties + which are specified in the runtime catalog. + properties: + buildTimeProperties: + description: Set of required Camel build time + properties + items: + description: CamelProperty represents a Camel + property that may end up in an application.properties + file. + properties: + key: + type: string + value: + type: string + required: + - key + type: object + type: array + dependencies: + description: List of required Maven dependencies + items: + description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier) + Maven artifact. + properties: + artifactId: + description: Maven Artifact + type: string + classifier: + description: Maven Classifier + type: string + groupId: + description: Maven Group + type: string + type: + description: Maven Type + type: string + version: + description: Maven Version + type: string + required: + - artifactId + - groupId + type: object + type: array + metadata: + additionalProperties: + type: string + description: Set of generic metadata + type: object + runtimeProperties: + description: Set of required Camel runtime properties + items: + description: CamelProperty represents a Camel + property that may end up in an application.properties + file. + properties: + key: + type: string + value: + type: string + required: + - key + type: object + type: array + type: object + description: features offered by this runtime + type: object + dependencies: + description: list of dependencies needed to run the + application + items: + description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier) + Maven artifact. + properties: + artifactId: + description: Maven Artifact + type: string + classifier: + description: Maven Classifier + type: string + groupId: + description: Maven Group + type: string + type: + description: Maven Type + type: string + version: + description: Maven Version + type: string + required: + - artifactId + - groupId + type: object + type: array + metadata: + additionalProperties: + type: string + description: set of metadata + type: object + provider: + description: Camel main application provider, ie, Camel + Quarkus + type: string + version: + description: Camel K Runtime version + type: string + required: + - applicationClass + - dependencies + - provider + - version + type: object + sources: + description: the sources to add at build time + items: + description: SourceSpec defines the configuration for + one or more routes to be executed in a certain Camel + DSL language. + properties: + compression: + description: if the content is compressed (base64 + encrypted) + type: boolean + content: + description: the source code (plain text) + type: string + contentKey: + description: the confimap key holding the source content + type: string + contentRef: + description: the confimap reference holding the source + content + type: string + contentType: + description: the content type (tipically text or binary) + type: string + from-kamelet: + description: True if the spec is generated from a + Kamelet + type: boolean + interceptors: + description: |- + Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader + uses to pre/post process sources + Deprecated: no longer in use. + items: + type: string + type: array + language: + description: specify which is the language (Camel + DSL) used to interpret this source code + type: string + loader: + description: |- + Loader is an optional id of the org.apache.camel.k.RoutesLoader that will + interpret this source at runtime + type: string + name: + description: the name of the specification + type: string + path: + description: the path where the file is stored + type: string + property-names: + description: List of property names defined in the + source (e.g. if type is "template") + items: + type: string + type: array + rawContent: + description: the source code (binary) + format: byte + type: string + type: + description: Type defines the kind of source described + by this object + type: string + type: object + type: array + steps: + description: the list of steps to execute (see pkg/builder/) + items: + type: string + type: array + type: object + s2i: + description: a S2iTask, for S2I strategy + properties: + baseImage: + description: base image layer + type: string + configuration: + description: The configuration that should be used to perform + the Build. + properties: + annotations: + additionalProperties: + type: string + description: Annotation to use for the builder pod. + Only used for `pod` strategy + type: object + limitCPU: + description: The maximum amount of CPU required. Only + used for `pod` strategy + type: string + limitMemory: + description: The maximum amount of memory required. + Only used for `pod` strategy + type: string + nodeSelector: + additionalProperties: + type: string + description: The node selector for the builder pod. + Only used for `pod` strategy + type: object + operatorNamespace: + description: The namespace where to run the builder + Pod (must be the same of the operator in charge of + this Build reconciliation). + type: string + orderStrategy: + description: the build order strategy to adopt + enum: + - dependencies + - fifo + - sequential + type: string + platforms: + description: The list of platforms used in order to + build a container image. + items: + type: string + type: array + requestCPU: + description: The minimum amount of CPU required. Only + used for `pod` strategy + type: string + requestMemory: + description: The minimum amount of memory required. + Only used for `pod` strategy + type: string + strategy: + description: the strategy to adopt + enum: + - routine + - pod + type: string + toolImage: + description: The container image to be used to run the + build. + type: string + type: object + contextDir: + description: can be useful to share info with other tasks + type: string + image: + description: final image name + type: string + name: + description: name of the task + type: string + registry: + description: where to publish the final image + properties: + address: + description: the URI to access + type: string + ca: + description: the configmap which stores the Certificate + Authority + type: string + insecure: + description: if the container registry is insecure (ie, + http only) + type: boolean + organization: + description: the registry organization + type: string + secret: + description: the secret where credentials are stored + type: string + type: object + tag: + description: used by the ImageStream + type: string + type: object + spectrum: + description: |- + a SpectrumTask, for Spectrum strategy + Deprecated: use jib, s2i or a custom publishing strategy instead + properties: + baseImage: + description: base image layer + type: string + configuration: + description: The configuration that should be used to perform + the Build. + properties: + annotations: + additionalProperties: + type: string + description: Annotation to use for the builder pod. + Only used for `pod` strategy + type: object + limitCPU: + description: The maximum amount of CPU required. Only + used for `pod` strategy + type: string + limitMemory: + description: The maximum amount of memory required. + Only used for `pod` strategy + type: string + nodeSelector: + additionalProperties: + type: string + description: The node selector for the builder pod. + Only used for `pod` strategy + type: object + operatorNamespace: + description: The namespace where to run the builder + Pod (must be the same of the operator in charge of + this Build reconciliation). + type: string + orderStrategy: + description: the build order strategy to adopt + enum: + - dependencies + - fifo + - sequential + type: string + platforms: + description: The list of platforms used in order to + build a container image. + items: + type: string + type: array + requestCPU: + description: The minimum amount of CPU required. Only + used for `pod` strategy + type: string + requestMemory: + description: The minimum amount of memory required. + Only used for `pod` strategy + type: string + strategy: + description: the strategy to adopt + enum: + - routine + - pod + type: string + toolImage: + description: The container image to be used to run the + build. + type: string + type: object + contextDir: + description: can be useful to share info with other tasks + type: string + image: + description: final image name + type: string + name: + description: name of the task + type: string + registry: + description: where to publish the final image + properties: + address: + description: the URI to access + type: string + ca: + description: the configmap which stores the Certificate + Authority + type: string + insecure: + description: if the container registry is insecure (ie, + http only) + type: boolean + organization: + description: the registry organization + type: string + secret: + description: the secret where credentials are stored + type: string + type: object + type: object + type: object + type: array + timeout: + description: |- + Timeout defines the Build maximum execution duration. + The Build deadline is set to the Build start time plus the Timeout duration. + If the Build deadline is exceeded, the Build context is canceled, + and its phase set to BuildPhaseFailed. + format: duration + type: string + toolImage: + description: |- + The container image to be used to run the build. + Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility + type: string + type: object + status: + description: BuildStatus defines the observed state of Build. + properties: + artifacts: + description: a list of artifacts contained in the build + items: + description: Artifact represents a materialized artifact (a jar + dependency or in general a file used by the build). + properties: + checksum: + description: a checksum (SHA1) of the content + type: string + id: + description: the identification (GAV for maven dependencies + or file name for other file types) + type: string + location: + description: where it is located in the builder `Pod` + type: string + target: + description: the expected location in the runtime + type: string + required: + - id + type: object + type: array + baseImage: + description: the base image used for this build + type: string + conditions: + description: a list of conditions occurred during the build + items: + description: BuildCondition describes the state of a resource at + a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + lastUpdateTime: + description: The last time this condition was updated. + format: date-time + type: string + message: + description: A human-readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of integration condition. + type: string + required: + - status + - type + type: object + type: array + digest: + description: the digest from image + type: string + duration: + description: |- + how long it took for the build + Change to Duration / ISO 8601 when CRD uses OpenAPI spec v3 + https://github.com/OAI/OpenAPI-Specification/issues/845 + type: string + error: + description: the error description (if any) + type: string + failure: + description: the reason of the failure (if any) + properties: + reason: + description: a short text specifying the reason + type: string + recovery: + description: the recovery attempted for this failure + properties: + attempt: + description: attempt number + type: integer + attemptMax: + description: maximum number of attempts + type: integer + attemptTime: + description: time of the attempt execution + format: date-time + type: string + required: + - attempt + - attemptMax + type: object + time: + description: the time when the failure has happened + format: date-time + type: string + required: + - reason + - recovery + - time + type: object + image: + description: the image name built + type: string + observedGeneration: + description: ObservedGeneration is the most recent generation observed + for this Build. + format: int64 + type: integer + phase: + description: describes the phase + type: string + rootImage: + description: root image (the first image from which the incremental + image has started) + type: string + startedAt: + description: the time when it started + format: date-time + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/camel-k/2.5.0/manifests/camel-k.v2.5.0.clusterserviceversion.yaml b/operators/camel-k/2.5.0/manifests/camel-k.v2.5.0.clusterserviceversion.yaml new file mode 100644 index 00000000000..a10d2f90dae --- /dev/null +++ b/operators/camel-k/2.5.0/manifests/camel-k.v2.5.0.clusterserviceversion.yaml @@ -0,0 +1,923 @@ +# --------------------------------------------------------------------------- +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# --------------------------------------------------------------------------- + +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + annotations: + alm-examples: |- + [ + { + "apiVersion": "camel.apache.org/v1", + "kind": "Build", + "metadata": { + "labels": { + "app": "camel-k" + }, + "name": "example" + }, + "spec": {} + }, + { + "apiVersion": "camel.apache.org/v1", + "kind": "CamelCatalog", + "metadata": { + "labels": { + "app": "camel-k" + }, + "name": "example" + }, + "spec": {} + }, + { + "apiVersion": "camel.apache.org/v1", + "kind": "Integration", + "metadata": { + "labels": { + "app": "camel-k" + }, + "name": "example" + }, + "spec": { + "flows": [ + { + "from": { + "parameters": { + "period": "1000" + }, + "steps": [ + { + "setBody": { + "constant": "Hello from Camel K" + } + }, + { + "to": "log:info" + } + ], + "uri": "timer:yaml" + } + } + ] + } + }, + { + "apiVersion": "camel.apache.org/v1", + "kind": "IntegrationKit", + "metadata": { + "labels": { + "app": "camel-k" + }, + "name": "example" + }, + "spec": {} + }, + { + "apiVersion": "camel.apache.org/v1", + "kind": "IntegrationPlatform", + "metadata": { + "labels": { + "app": "camel-k" + }, + "name": "camel-k" + }, + "spec": { + "build": {}, + "kamelet": {}, + "profile": "OpenShift" + }, + "status": { + "build": { + "maven": { + "settings": {} + }, + "registry": {} + }, + "kamelet": {} + } + }, + { + "apiVersion": "camel.apache.org/v1", + "kind": "IntegrationProfile", + "metadata": { + "labels": { + "app": "camel-k" + }, + "name": "debug" + }, + "spec": { + "traits": { + "logging": { + "level": "DEBUG" + } + } + } + }, + { + "apiVersion": "camel.apache.org/v1", + "kind": "Kamelet", + "metadata": { + "labels": { + "app": "camel-k" + }, + "name": "example-source" + }, + "spec": { + "definition": { + "description": "Produces periodic events with a custom payload", + "properties": { + "message": { + "description": "The message to generate", + "title": "Message", + "type": "string" + }, + "period": { + "default": 1000, + "description": "The time interval between two events", + "title": "Period", + "type": "integer" + } + }, + "required": [ + "message" + ], + "title": "Example Timer" + }, + "template": { + "from": { + "parameters": { + "period": "#property:period" + }, + "steps": [ + { + "setBody": { + "constant": "#property:message" + } + }, + { + "to": "kamelet:sink" + } + ], + "uri": "timer:tick" + } + } + } + }, + { + "apiVersion": "camel.apache.org/v1", + "kind": "Pipe", + "metadata": { + "labels": { + "app": "camel-k" + }, + "name": "timer-to-log-example" + }, + "spec": { + "sink": { + "ref": { + "apiVersion": "camel.apache.org/v1", + "kind": "Kamelet", + "name": "log-sink" + } + }, + "source": { + "properties": { + "message": "Hello world", + "period": 2000 + }, + "ref": { + "apiVersion": "camel.apache.org/v1", + "kind": "Kamelet", + "name": "timer-source" + } + } + } + }, + { + "apiVersion": "camel.apache.org/v1alpha1", + "kind": "Kamelet", + "metadata": { + "labels": { + "app": "camel-k" + }, + "name": "example-source" + }, + "spec": { + "definition": { + "description": "Produces periodic events with a custom payload", + "properties": { + "message": { + "description": "The message to generate", + "title": "Message", + "type": "string" + }, + "period": { + "default": 1000, + "description": "The time interval between two events", + "title": "Period", + "type": "integer" + } + }, + "required": [ + "message" + ], + "title": "Example Timer" + }, + "template": { + "from": { + "parameters": { + "period": "#property:period" + }, + "steps": [ + { + "setBody": { + "constant": "#property:message" + } + }, + { + "to": "kamelet:sink" + } + ], + "uri": "timer:tick" + } + } + } + }, + { + "apiVersion": "camel.apache.org/v1alpha1", + "kind": "KameletBinding", + "metadata": { + "labels": { + "app": "camel-k" + }, + "name": "timer-to-log-example" + }, + "spec": { + "sink": { + "ref": { + "apiVersion": "camel.apache.org/v1alpha1", + "kind": "Kamelet", + "name": "log-sink" + } + }, + "source": { + "properties": { + "message": "Hello world", + "period": 2000 + }, + "ref": { + "apiVersion": "camel.apache.org/v1alpha1", + "kind": "Kamelet", + "name": "timer-source" + } + } + } + } + ] + capabilities: Full Lifecycle + categories: Integration & Delivery + certified: "false" + containerImage: docker.io/apache/camel-k:2.5.0 + createdAt: "2024-11-05T17:29:26Z" + description: Apache Camel K is a lightweight integration platform, born on Kubernetes, + with serverless superpowers. + operators.operatorframework.io/builder: operator-sdk-v1.30.0 + operators.operatorframework.io/internal-objects: '["builds.camel.apache.org","integrationkits.camel.apache.org","camelcatalogs.camel.apache.org"]' + operators.operatorframework.io/project_layout: go.kubebuilder.io/v2 + repository: https://github.com/apache/camel-k + support: Camel + name: camel-k-operator.v2.5.0 +spec: + apiservicedefinitions: {} + customresourcedefinitions: + owned: + - description: Build is the Schema for the builds API + displayName: Build + kind: Build + name: builds.camel.apache.org + version: v1 + - description: CamelCatalog is the Schema for the camelcatalogs API + displayName: Camel Catalog + kind: CamelCatalog + name: camelcatalogs.camel.apache.org + version: v1 + - description: IntegrationKit is the Schema for the integrationkits API + displayName: Integration Kit + kind: IntegrationKit + name: integrationkits.camel.apache.org + version: v1 + - description: IntegrationPlatform is the Schema for the integrationplatforms + API + displayName: Integration Platform + kind: IntegrationPlatform + name: integrationplatforms.camel.apache.org + version: v1 + - description: IntegrationProfile is the Schema for the integrationprofiles API + displayName: Integration Profile + kind: IntegrationProfile + name: integrationprofiles.camel.apache.org + version: v1 + - description: Integration is the Schema for the integrations API + displayName: Integration + kind: Integration + name: integrations.camel.apache.org + version: v1 + - description: KameletBinding is the Schema for the kameletbindings API + displayName: KameletBinding + kind: KameletBinding + name: kameletbindings.camel.apache.org + version: v1alpha1 + - description: Kamelet is the Schema for the kamelets API + displayName: Kamelet + kind: Kamelet + name: kamelets.camel.apache.org + version: v1 + - description: Kamelet is the Schema for the kamelets API + displayName: Kamelet + kind: Kamelet + name: kamelets.camel.apache.org + version: v1alpha1 + - description: Pipe is the Schema for the pipes API + displayName: Pipe + kind: Pipe + name: pipes.camel.apache.org + version: v1 + description: | + Apache Camel K + ============== + + Apache Camel K is a lightweight integration platform, born on Kubernetes, with serverless superpowers: + the easiest way to build and manage your Camel applications on Kubernetes. + + ## Installation + + You may need to specify the container registry where to store the container images created for the Camel applications. + To start using Camel K, install the operator and then create the following `IntegrationPlatform`: + ``` + apiVersion: camel.apache.org/v1 + kind: IntegrationPlatform + metadata: + name: camel-k + labels: + app: "camel-k" + spec: + build: + registry: + address: docker.io/my-org + ``` + + An `IntegrationPlatform` resource is automatically created by default on OpenShift, so you can skip this step when using Openshift cluster. + + ## Running an Integration + + Run a Camel application on the cluster by creating a sample `Integration`, e.g.: + ``` + apiVersion: camel.apache.org/v1 + kind: Integration + metadata: + annotations: + camel.apache.org/operator.id: camel-k + name: test + spec: + flows: + - from: + parameters: + period: "1000" + steps: + - setBody: + simple: Hello Camel from ${routeId} + - log: ${body} + uri: timer:yaml + ``` + Log the result of the running application: + ``` + kubectl wait --for=condition=ready integration test --timeout=180s + kubectl logs deployment/test -f + ``` + displayName: Camel K Operator + icon: + - base64data: PHN2ZyB2aWV3Qm94PSIwIDAgMTMwLjIxIDEzMC4wMSIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIj48ZGVmcz48bGluZWFyR3JhZGllbnQgaWQ9ImEiIHgxPSIzMzMuNDgiIHgyPSI0NzciIHkxPSI3MDIuNiIgeTI9IjU2My43MyIgZ3JhZGllbnRUcmFuc2Zvcm09InRyYW5zbGF0ZSg5NC4wMzggMjc2LjA2KSBzY2FsZSguOTkyMDYpIiBncmFkaWVudFVuaXRzPSJ1c2VyU3BhY2VPblVzZSI+PHN0b3Agc3RvcC1jb2xvcj0iI0Y2OTkyMyIgb2Zmc2V0PSIwIi8+PHN0b3Agc3RvcC1jb2xvcj0iI0Y3OUEyMyIgb2Zmc2V0PSIuMTEiLz48c3RvcCBzdG9wLWNvbG9yPSIjRTk3ODI2IiBvZmZzZXQ9Ii45NDUiLz48L2xpbmVhckdyYWRpZW50PjxsaW5lYXJHcmFkaWVudCBpZD0iYiIgeDE9IjMzMy40OCIgeDI9IjQ3NyIgeTE9IjcwMi42IiB5Mj0iNTYzLjczIiBncmFkaWVudFRyYW5zZm9ybT0idHJhbnNsYXRlKDk0LjAzOCAyNzYuMDYpIHNjYWxlKC45OTIwNikiIGdyYWRpZW50VW5pdHM9InVzZXJTcGFjZU9uVXNlIj48c3RvcCBzdG9wLWNvbG9yPSIjRjY5OTIzIiBvZmZzZXQ9IjAiLz48c3RvcCBzdG9wLWNvbG9yPSIjRjc5QTIzIiBvZmZzZXQ9Ii4wOCIvPjxzdG9wIHN0b3AtY29sb3I9IiNFOTc4MjYiIG9mZnNldD0iLjQxOSIvPjwvbGluZWFyR3JhZGllbnQ+PGxpbmVhckdyYWRpZW50IGlkPSJjIiB4MT0iNjMzLjU1IiB4Mj0iNTY2LjQ3IiB5MT0iODE0LjYiIHkyPSI5MDkuMTIiIGdyYWRpZW50VHJhbnNmb3JtPSJ0cmFuc2xhdGUoLTg1LjQyMSA1Ni4yMzYpIiBncmFkaWVudFVuaXRzPSJ1c2VyU3BhY2VPblVzZSI+PHN0b3Agc3RvcC1jb2xvcj0iI2Y2ZTQyMyIgb2Zmc2V0PSIwIi8+PHN0b3Agc3RvcC1jb2xvcj0iI0Y3OUEyMyIgb2Zmc2V0PSIuNDEyIi8+PHN0b3Agc3RvcC1jb2xvcj0iI0U5NzgyNiIgb2Zmc2V0PSIuNzMzIi8+PC9saW5lYXJHcmFkaWVudD48L2RlZnM+PGcgdHJhbnNmb3JtPSJ0cmFuc2xhdGUoLTQzNy44OSAtODM1LjI5KSI+PGNpcmNsZSBjeD0iNTAzLjEiIGN5PSI5MDAuMjkiIHI9IjYyLjUyIiBmaWxsPSJ1cmwoI2EpIiBzdHJva2U9InVybCgjYikiIHN0cm9rZS1saW5lam9pbj0icm91bmQiIHN0cm9rZS13aWR0aD0iNC45NiIvPjxwYXRoIGQ9Ik00ODcuODkgODczLjY0YTg5LjUzIDg5LjUzIDAgMCAwLTIuNjg4LjAzMWMtMS4wNDMuMDMxLTIuNDQ1LjM2Mi00LjA2Mi45MDYgMjcuMzA5IDIwLjczNyAzNy4xMjcgNTguMTQ2IDIwLjI1IDkwLjY1Ni41NzMuMDE1IDEuMTQyLjA2MyAxLjcxOS4wNjMgMzAuODQ0IDAgNTYuNjItMjEuNDkzIDYzLjI4LTUwLjMxMi0xOS41NzItMjIuOTQzLTQ2LjExNy00MS4yOTQtNzguNS00MS4zNDR6IiBmaWxsPSJ1cmwoI2MpIiBvcGFjaXR5PSIuNzUiLz48cGF0aCBkPSJNNDgxLjE0IDg3NC41OGMtOS4wNjggMy4wNTItMjYuMzY4IDEzLjgwMi00MyAyOC4xNTYgMS4yNjMgMzQuMTk1IDI4Ljk2MSA2MS42MDcgNjMuMjUgNjIuNSAxNi44NzctMzIuNTEgNy4wNi02OS45MTktMjAuMjUtOTAuNjU2eiIgZmlsbD0iIzI4MTcwYiIgb3BhY2l0eT0iLjc1Ii8+PHBhdGggZD0iTTUwNC44ODkgODYyLjU0NmMtLjQ3Mi0uMDMyLS45MzIuMDI4LTEuMzc1LjI1LTUuNiAyLjgwMSAwIDE0IDAgMTQtMTYuODA3IDE0LjAwOS0xMy4yMzYgMzcuOTM4LTMyLjg0NCAzNy45MzgtMTAuNjg5IDAtMjEuMzIyLTEyLjI5My0zMi41MzEtMTkuODEyLS4xNDQgMS43NzMtLjI1IDMuNTY0LS4yNSA1LjM3NSAwIDI0LjUxNSAxMy41MSA0NS44NjMgMzMuNDY5IDU3LjA2MyA1LjU4My0uNzAzIDExLjE1OC0yLjExNCAxNS4zNDQtNC45MDYgMjEuOTkyLTE0LjY2MiAyNy40NTItNDIuNTU3IDM2LjQzOC01Ni4wMzEgNS41OTYtOC40MDcgMzEuODI0LTcuNjc3IDMzLjU5NC0xMS4yMiAyLjgwNC01LjYwMS01LjYwMi0xNC04LjQwNi0xNGgtMjIuNDA2Yy0xLjU2NiAwLTQuMDI1LTIuNzgtNS41OTQtMi43OGgtOC40MDZzLTMuNzI1LTUuNjUtNy4wMzEtNS44NzV6IiBmaWxsPSIjZmZmIi8+PC9nPjwvc3ZnPg== + mediatype: image/svg+xml + install: + spec: + clusterPermissions: + - rules: + - apiGroups: + - rbac.authorization.k8s.io + resourceNames: + - addressable-resolver + resources: + - clusterroles + verbs: + - bind + - apiGroups: + - console.openshift.io + resources: + - consoleclidownloads + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + serviceAccountName: camel-k-operator + deployments: + - label: + app: camel-k + app.kubernetes.io/component: operator + app.kubernetes.io/name: camel-k + app.kubernetes.io/version: 2.5.0 + camel.apache.org/component: operator + name: camel-k-operator + name: camel-k-operator + spec: + replicas: 1 + selector: + matchLabels: + app: camel-k + name: camel-k-operator + strategy: + type: Recreate + template: + metadata: + labels: + app: camel-k + app.kubernetes.io/component: operator + app.kubernetes.io/name: camel-k + app.kubernetes.io/version: 2.5.0 + camel.apache.org/component: operator + name: camel-k-operator + spec: + containers: + - command: + - kamel + - operator + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.annotations['olm.targetNamespaces'] + - name: OPERATOR_NAME + value: camel-k + - name: OPERATOR_ID + value: camel-k + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: docker.io/apache/camel-k:2.5.0 + imagePullPolicy: IfNotPresent + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 20 + periodSeconds: 10 + name: camel-k-operator + ports: + - containerPort: 8080 + name: metrics + resources: + limits: + cpu: "2" + memory: 8Gi + requests: + cpu: 500m + memory: 2Gi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + serviceAccountName: camel-k-operator + permissions: + - rules: + - apiGroups: + - "" + resourceNames: + - local-registry-hosting + resources: + - configmaps + verbs: + - get + - apiGroups: + - camel.apache.org + resources: + - builds + - camelcatalogs + - integrationkits + - integrationplatforms + - integrationprofiles + - integrations + - pipes + - kameletbindings + - kamelets + verbs: + - create + - get + - list + - patch + - update + - watch + - apiGroups: + - camel.apache.org + resources: + - builds + - integrations + verbs: + - delete + - apiGroups: + - camel.apache.org + resources: + - builds/status + - camelcatalogs/status + - integrationkits/status + - integrationplatforms/status + - integrationprofiles/status + - integrations/scale + - integrations/status + - pipes/status + - pipes/scale + - kameletbindings/status + - kameletbindings/scale + - kamelets/status + verbs: + - get + - patch + - update + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - configmaps + - secrets + - serviceaccounts + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - pods/exec + verbs: + - create + - apiGroups: + - "" + resources: + - pods/proxy + - pods/log + verbs: + - get + - apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - create + - delete + - get + - update + - list + - patch + - watch + - apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + - clusterrolebindings + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - apps + resources: + - deployments + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - batch + resources: + - cronjobs + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - batch + resources: + - jobs + verbs: + - get + - list + - watch + - apiGroups: + - networking.k8s.io + resources: + - ingresses + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - get + - list + - apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - get + - list + - watch + - apiGroups: + - keda.sh + resources: + - scaledobjects + - triggerauthentications + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - serving.knative.dev + resources: + - services + - routes + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - eventing.knative.dev + resources: + - triggers + - brokers + verbs: + - create + - delete + - get + - list + - patch + - update + - apiGroups: + - messaging.knative.dev + resources: + - subscriptions + - channels + - inmemorychannels + verbs: + - create + - delete + - get + - list + - patch + - update + - apiGroups: + - sources.knative.dev + resources: + - sinkbindings + verbs: + - create + - delete + - get + - list + - patch + - update + - apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - patch + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - camel.apache.org + resources: + - builds/finalizers + - integrationkits/finalizers + - integrationplatforms/finalizers + - integrationprofiles/finalizers + - integrations/finalizers + - pipes/finalizers + - kameletbindings/finalizers + verbs: + - update + - apiGroups: + - "" + - build.openshift.io + resources: + - buildconfigs + - buildconfigs/webhooks + - builds + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + - image.openshift.io + resources: + - imagestreamimages + - imagestreammappings + - imagestreams + - imagestreams/secrets + - imagestreamtags + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + - build.openshift.io + resources: + - buildconfigs/instantiate + - buildconfigs/instantiatebinary + - builds/clone + verbs: + - create + - apiGroups: + - "" + - route.openshift.io + resources: + - routes + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + - route.openshift.io + resources: + - routes/custom-host + verbs: + - create + - apiGroups: + - monitoring.coreos.com + resources: + - podmonitors + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - kafka.strimzi.io + resources: + - kafkatopics + - kafkatopics/status + - kafkas + verbs: + - get + - list + - watch + serviceAccountName: camel-k-operator + strategy: deployment + installModes: + - supported: true + type: OwnNamespace + - supported: true + type: SingleNamespace + - supported: false + type: MultiNamespace + - supported: true + type: AllNamespaces + keywords: + - apache + - kamel + - kubernetes + - serverless + - microservices + labels: + name: camel-k-operator + links: + - name: Camel K source code repository + url: https://github.com/apache/camel-k + maintainers: + - email: users@camel.apache.org + name: The Apache Software Foundation + maturity: alpha + minKubeVersion: 1.24.0 + provider: + name: The Apache Software Foundation + replaces: camel-k-operator.v2.4.0 + selector: + matchLabels: + name: camel-k-operator + version: 2.5.0 diff --git a/operators/camel-k/2.5.0/manifests/camelcatalogs.camel.apache.org.crd.yaml b/operators/camel-k/2.5.0/manifests/camelcatalogs.camel.apache.org.crd.yaml new file mode 100644 index 00000000000..6837d32b35a --- /dev/null +++ b/operators/camel-k/2.5.0/manifests/camelcatalogs.camel.apache.org.crd.yaml @@ -0,0 +1,552 @@ +# --------------------------------------------------------------------------- +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# --------------------------------------------------------------------------- + +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + creationTimestamp: null + labels: + app: camel-k + name: camelcatalogs.camel.apache.org +spec: + group: camel.apache.org + names: + categories: + - kamel + - camel + kind: CamelCatalog + listKind: CamelCatalogList + plural: camelcatalogs + shortNames: + - cc + singular: camelcatalog + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The Runtime provider + jsonPath: .spec.runtime.provider + name: Runtime Provider + type: string + - description: The Runtime version + jsonPath: .spec.runtime.version + name: Runtime Version + type: string + - description: The Camel version + jsonPath: .spec.runtime.metadata.camel\.version + name: Runtime Camel Version + type: string + - description: The catalog phase + jsonPath: .status.phase + name: Phase + type: string + name: v1 + schema: + openAPIV3Schema: + description: CamelCatalog represents the languages, components, data formats + and capabilities enabled on a given runtime provider. The catalog may be + statically generated. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: the desired state of the catalog + properties: + artifacts: + additionalProperties: + description: CamelArtifact represent the configuration for a feature + offered by Camel. + properties: + artifactId: + description: Maven Artifact + type: string + classifier: + description: Maven Classifier + type: string + dataformats: + description: accepted data formats + items: + type: string + type: array + dependencies: + description: required dependencies + items: + description: CamelArtifactDependency represent a maven's dependency. + properties: + artifactId: + description: Maven Artifact + type: string + classifier: + description: Maven Classifier + type: string + exclusions: + description: provide a list of artifacts to exclude for + this dependency + items: + description: CamelArtifactExclusion represents an exclusion + clause. + properties: + artifactId: + description: Maven Artifact + type: string + groupId: + description: Maven Group + type: string + required: + - artifactId + - groupId + type: object + type: array + groupId: + description: Maven Group + type: string + type: + description: Maven Type + type: string + version: + description: Maven Version + type: string + required: + - artifactId + - groupId + type: object + type: array + exclusions: + description: provide a list of artifacts to exclude for this + dependency + items: + description: CamelArtifactExclusion represents an exclusion + clause. + properties: + artifactId: + description: Maven Artifact + type: string + groupId: + description: Maven Group + type: string + required: + - artifactId + - groupId + type: object + type: array + groupId: + description: Maven Group + type: string + javaTypes: + description: the Java types used by the artifact feature (ie, + component, data format, ...) + items: + type: string + type: array + languages: + description: accepted languages + items: + type: string + type: array + schemes: + description: accepted URI schemes + items: + description: CamelScheme represents the scheme used to identify + a component in a URI (ie, timer in a timer:xyz endpoint + URI). + properties: + consumer: + description: required scope for consumer + properties: + dependencies: + description: list of dependencies needed for this + scope + items: + description: CamelArtifactDependency represent a + maven's dependency. + properties: + artifactId: + description: Maven Artifact + type: string + classifier: + description: Maven Classifier + type: string + exclusions: + description: provide a list of artifacts to + exclude for this dependency + items: + description: CamelArtifactExclusion represents + an exclusion clause. + properties: + artifactId: + description: Maven Artifact + type: string + groupId: + description: Maven Group + type: string + required: + - artifactId + - groupId + type: object + type: array + groupId: + description: Maven Group + type: string + type: + description: Maven Type + type: string + version: + description: Maven Version + type: string + required: + - artifactId + - groupId + type: object + type: array + type: object + http: + description: is a HTTP based scheme + type: boolean + id: + description: the ID (ie, timer in a timer:xyz URI) + type: string + passive: + description: is a passive scheme + type: boolean + producer: + description: required scope for producers + properties: + dependencies: + description: list of dependencies needed for this + scope + items: + description: CamelArtifactDependency represent a + maven's dependency. + properties: + artifactId: + description: Maven Artifact + type: string + classifier: + description: Maven Classifier + type: string + exclusions: + description: provide a list of artifacts to + exclude for this dependency + items: + description: CamelArtifactExclusion represents + an exclusion clause. + properties: + artifactId: + description: Maven Artifact + type: string + groupId: + description: Maven Group + type: string + required: + - artifactId + - groupId + type: object + type: array + groupId: + description: Maven Group + type: string + type: + description: Maven Type + type: string + version: + description: Maven Version + type: string + required: + - artifactId + - groupId + type: object + type: array + type: object + required: + - http + - id + - passive + type: object + type: array + type: + description: Maven Type + type: string + version: + description: Maven Version + type: string + required: + - artifactId + - groupId + type: object + description: artifacts required by this catalog + type: object + loaders: + additionalProperties: + description: CamelLoader represents the configuration required to + load a DSL. + properties: + artifactId: + description: Maven Artifact + type: string + classifier: + description: Maven Classifier + type: string + dependencies: + description: a list of additional dependencies required beside + the base one + items: + description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier) + Maven artifact. + properties: + artifactId: + description: Maven Artifact + type: string + classifier: + description: Maven Classifier + type: string + groupId: + description: Maven Group + type: string + type: + description: Maven Type + type: string + version: + description: Maven Version + type: string + required: + - artifactId + - groupId + type: object + type: array + groupId: + description: Maven Group + type: string + languages: + description: a list of DSLs supported + items: + type: string + type: array + metadata: + additionalProperties: + type: string + description: the metadata of the loader + type: object + type: + description: Maven Type + type: string + version: + description: Maven Version + type: string + required: + - artifactId + - groupId + type: object + description: loaders required by this catalog + type: object + runtime: + description: the runtime targeted for the catalog + properties: + applicationClass: + description: application entry point (main) to be executed + type: string + capabilities: + additionalProperties: + description: |- + Capability is a particular feature which requires a well known set of dependencies and other properties + which are specified in the runtime catalog. + properties: + buildTimeProperties: + description: Set of required Camel build time properties + items: + description: CamelProperty represents a Camel property + that may end up in an application.properties file. + properties: + key: + type: string + value: + type: string + required: + - key + type: object + type: array + dependencies: + description: List of required Maven dependencies + items: + description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier) + Maven artifact. + properties: + artifactId: + description: Maven Artifact + type: string + classifier: + description: Maven Classifier + type: string + groupId: + description: Maven Group + type: string + type: + description: Maven Type + type: string + version: + description: Maven Version + type: string + required: + - artifactId + - groupId + type: object + type: array + metadata: + additionalProperties: + type: string + description: Set of generic metadata + type: object + runtimeProperties: + description: Set of required Camel runtime properties + items: + description: CamelProperty represents a Camel property + that may end up in an application.properties file. + properties: + key: + type: string + value: + type: string + required: + - key + type: object + type: array + type: object + description: features offered by this runtime + type: object + dependencies: + description: list of dependencies needed to run the application + items: + description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier) + Maven artifact. + properties: + artifactId: + description: Maven Artifact + type: string + classifier: + description: Maven Classifier + type: string + groupId: + description: Maven Group + type: string + type: + description: Maven Type + type: string + version: + description: Maven Version + type: string + required: + - artifactId + - groupId + type: object + type: array + metadata: + additionalProperties: + type: string + description: set of metadata + type: object + provider: + description: Camel main application provider, ie, Camel Quarkus + type: string + version: + description: Camel K Runtime version + type: string + required: + - applicationClass + - dependencies + - provider + - version + type: object + required: + - artifacts + - loaders + - runtime + type: object + status: + description: the actual state of the catalog + properties: + conditions: + description: a list of events happened for the CamelCatalog + items: + description: CamelCatalogCondition describes the state of a resource + at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + lastUpdateTime: + description: The last time this condition was updated. + format: date-time + type: string + message: + description: A human-readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of CamelCatalog condition. + type: string + required: + - status + - type + type: object + type: array + image: + description: the container image available for building an application + with this catalog + type: string + observedGeneration: + description: ObservedGeneration is the most recent generation observed + for this Catalog. + format: int64 + type: integer + phase: + description: the actual phase + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/camel-k/2.5.0/manifests/integrationkits.camel.apache.org.crd.yaml b/operators/camel-k/2.5.0/manifests/integrationkits.camel.apache.org.crd.yaml new file mode 100644 index 00000000000..30a5216fd83 --- /dev/null +++ b/operators/camel-k/2.5.0/manifests/integrationkits.camel.apache.org.crd.yaml @@ -0,0 +1,590 @@ +# --------------------------------------------------------------------------- +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# --------------------------------------------------------------------------- + +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + creationTimestamp: null + labels: + app: camel-k + name: integrationkits.camel.apache.org +spec: + group: camel.apache.org + names: + categories: + - kamel + - camel + kind: IntegrationKit + listKind: IntegrationKitList + plural: integrationkits + shortNames: + - ik + singular: integrationkit + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The integration kit alias + jsonPath: .metadata.labels.camel\.apache\.org\/kit\.alias + name: Alias + type: string + - description: The integration kit phase + jsonPath: .status.phase + name: Phase + type: string + - description: The integration kit type + jsonPath: .metadata.labels.camel\.apache\.org\/kit\.type + name: Type + type: string + - description: The integration kit layout + jsonPath: .metadata.labels.camel\.apache\.org\/kit\.layout + name: Layout + type: string + - description: The integration kit image + jsonPath: .status.image + name: Image + type: string + - description: The integration kit root image + jsonPath: .status.rootImage + name: Root + type: string + name: v1 + schema: + openAPIV3Schema: + description: |- + IntegrationKit defines a container image and additional configuration needed to run an `Integration`. + An `IntegrationKit` is a generic image generally built from the requirements of an `Integration`, but agnostic to it, + in order to be reused by any other `Integration` which has the same required set of capabilities. An `IntegrationKit` + may be used for other kits as a base container layer, when the `incremental` build option is enabled. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: the desired configuration + properties: + capabilities: + description: features offered by the IntegrationKit + items: + type: string + type: array + configuration: + description: |- + Deprecated: + Use camel trait (camel.properties) to manage properties + Use mount trait (mount.configs) to manage configs + Use mount trait (mount.resources) to manage resources + Use mount trait (mount.volumes) to manage volumes + configuration used by the kit + items: + description: ConfigurationSpec represents a generic configuration + specification. + properties: + type: + description: 'represents the type of configuration, ie: property, + configmap, secret, ...' + type: string + value: + description: the value to assign to the configuration (syntax + may vary depending on the `Type`) + type: string + required: + - type + - value + type: object + type: array + dependencies: + description: a list of Camel dependecies used by this kit + items: + type: string + type: array + image: + description: the container image as identified in the container registry + type: string + profile: + description: the profile which is expected by this kit + type: string + repositories: + description: Maven repositories that can be used by the kit + items: + type: string + type: array + sources: + description: the sources to add at build time + items: + description: SourceSpec defines the configuration for one or more + routes to be executed in a certain Camel DSL language. + properties: + compression: + description: if the content is compressed (base64 encrypted) + type: boolean + content: + description: the source code (plain text) + type: string + contentKey: + description: the confimap key holding the source content + type: string + contentRef: + description: the confimap reference holding the source content + type: string + contentType: + description: the content type (tipically text or binary) + type: string + from-kamelet: + description: True if the spec is generated from a Kamelet + type: boolean + interceptors: + description: |- + Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader + uses to pre/post process sources + Deprecated: no longer in use. + items: + type: string + type: array + language: + description: specify which is the language (Camel DSL) used + to interpret this source code + type: string + loader: + description: |- + Loader is an optional id of the org.apache.camel.k.RoutesLoader that will + interpret this source at runtime + type: string + name: + description: the name of the specification + type: string + path: + description: the path where the file is stored + type: string + property-names: + description: List of property names defined in the source (e.g. + if type is "template") + items: + type: string + type: array + rawContent: + description: the source code (binary) + format: byte + type: string + type: + description: Type defines the kind of source described by this + object + type: string + type: object + type: array + traits: + description: traits that the kit will execute + properties: + addons: + additionalProperties: + description: AddonTrait represents the configuration of an addon + trait. + type: object + x-kubernetes-preserve-unknown-fields: true + description: The collection of addon trait configurations + type: object + builder: + description: The builder trait is internally used to determine + the best strategy to build and configure IntegrationKits. + properties: + annotations: + additionalProperties: + type: string + description: When using `pod` strategy, annotation to use + for the builder pod. + type: object + baseImage: + description: |- + Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK + installed and ready to use on path (ie `/usr/bin/java`). + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + incrementalImageBuild: + description: Use the incremental image build option, to reuse + existing containers (default `true`) + type: boolean + limitCPU: + description: |- + When using `pod` strategy, the maximum amount of CPU required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + limitMemory: + description: |- + When using `pod` strategy, the maximum amount of memory required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + mavenProfiles: + description: |- + A list of references pointing to configmaps/secrets that contains a maven profile. + This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit. + The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM. + Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml). + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: Defines a set of nodes the builder pod is eligible + to be scheduled on, based on labels on the node. + type: object + orderStrategy: + description: The build order strategy to use, either `dependencies`, + `fifo` or `sequential` (default is the platform default) + enum: + - dependencies + - fifo + - sequential + type: string + platforms: + description: The list of manifest platforms to use to build + a container image (default `linux/amd64`). + items: + type: string + type: array + properties: + description: A list of properties to be provided to the build + task + items: + type: string + type: array + requestCPU: + description: |- + When using `pod` strategy, the minimum amount of CPU required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + requestMemory: + description: |- + When using `pod` strategy, the minimum amount of memory required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + strategy: + description: The strategy to use, either `pod` or `routine` + (default `routine`) + enum: + - pod + - routine + type: string + tasks: + description: A list of tasks to be executed (available only + when using `pod` strategy) with format `;;`. + items: + type: string + type: array + tasksFilter: + description: |- + A list of tasks sorted by the order of execution in a csv format, ie, `,,...`. + Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`) + if you need to execute them. Useful only with `pod` strategy. + type: string + tasksLimitCPU: + description: A list of limit cpu configuration for the specific + task with format `:`. + items: + type: string + type: array + tasksLimitMemory: + description: A list of limit memory configuration for the + specific task with format `:`. + items: + type: string + type: array + tasksRequestCPU: + description: A list of request cpu configuration for the specific + task with format `:`. + items: + type: string + type: array + tasksRequestMemory: + description: A list of request memory configuration for the + specific task with format `:`. + items: + type: string + type: array + verbose: + description: |- + Enable verbose logging on build components that support it (e.g. Kaniko build pod). + Deprecated no longer in use + type: boolean + type: object + camel: + description: The Camel trait sets up Camel configuration. + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + properties: + description: A list of properties to be provided to the Integration + runtime + items: + type: string + type: array + runtimeVersion: + description: |- + The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform. + You can use a fixed version (for example "3.2.3") or a semantic version (for example "3.x") which will try to resolve + to the best matching Catalog existing on the cluster. + type: string + type: object + quarkus: + description: |- + The Quarkus trait configures the Quarkus runtime. + It's enabled by default. + NOTE: Compiling to a native executable, requires at least 4GiB of memory, so the Pod running the native build must have enough memory available. + properties: + buildMode: + description: |- + The Quarkus mode to run: either `jvm` or `native` (default `jvm`). + In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created, + with the `native` kit having precedence over the `jvm` one once ready. + items: + description: QuarkusMode is the type of Quarkus build packaging. + enum: + - jvm + - native + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + nativeBaseImage: + description: The base image to use when running a native build + (default `quay.io/quarkus/quarkus-micro-image:2.0`) + type: string + nativeBuilderImage: + description: The image containing the tooling required for + a native build (by default it will use the one provided + in the runtime catalog) + type: string + packageTypes: + description: |- + The Quarkus package types, `fast-jar` or `native` (default `fast-jar`). + In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created, + with the native kit having precedence over the `fast-jar` one once ready. + The order influences the resolution of the current kit for the integration. + The kit corresponding to the first package type will be assigned to the + integration in case no existing kit that matches the integration exists. + Deprecated: use `build-mode` instead. + items: + description: |- + QuarkusPackageType is the type of Quarkus build packaging. + Deprecated: use `QuarkusMode` instead. + enum: + - fast-jar + - native + type: string + type: array + type: object + registry: + description: |- + The Registry trait sets up Maven to use the Image registry as a Maven repository (support removed since version 2.5.0). + Deprecated: use jvm trait or read documentation. + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + type: object + type: object + type: object + status: + description: the actual status + properties: + artifacts: + description: list of artifacts used by the kit + items: + description: Artifact represents a materialized artifact (a jar + dependency or in general a file used by the build). + properties: + checksum: + description: a checksum (SHA1) of the content + type: string + id: + description: the identification (GAV for maven dependencies + or file name for other file types) + type: string + location: + description: where it is located in the builder `Pod` + type: string + target: + description: the expected location in the runtime + type: string + required: + - id + type: object + type: array + baseImage: + description: base image used by the kit (could be another IntegrationKit) + type: string + catalog: + description: the catalog used to build/operate the IntegrationKit. + properties: + provider: + description: RuntimeProvider is the provider chosen for the runtime. + type: string + version: + type: string + type: object + conditions: + description: a list of conditions which happened for the events related + the kit + items: + description: IntegrationKitCondition describes the state of a resource + at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + lastUpdateTime: + description: The last time this condition was updated. + format: date-time + type: string + message: + description: A human-readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of integration condition. + type: string + required: + - status + - type + type: object + type: array + digest: + description: actual image digest of the kit + type: string + failure: + description: failure reason (if any) + properties: + reason: + description: a short text specifying the reason + type: string + recovery: + description: the recovery attempted for this failure + properties: + attempt: + description: attempt number + type: integer + attemptMax: + description: maximum number of attempts + type: integer + attemptTime: + description: time of the attempt execution + format: date-time + type: string + required: + - attempt + - attemptMax + type: object + time: + description: the time when the failure has happened + format: date-time + type: string + required: + - reason + - recovery + - time + type: object + image: + description: actual image name of the kit + type: string + observedGeneration: + description: ObservedGeneration is the most recent generation observed + for this IntegrationKit. + format: int64 + type: integer + phase: + description: phase of the kit + type: string + platform: + description: the platform for which this kit was configured + type: string + rootImage: + description: root image used by the kit (the first image from which + the incremental image has started, typically a JDK/JRE base image) + type: string + runtimeProvider: + description: the runtime provider for which this kit was configured + type: string + runtimeVersion: + description: the runtime version for which this kit was configured + type: string + version: + description: the Camel K operator version for which this kit was configured + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/camel-k/2.5.0/manifests/integrationplatforms.camel.apache.org.crd.yaml b/operators/camel-k/2.5.0/manifests/integrationplatforms.camel.apache.org.crd.yaml new file mode 100644 index 00000000000..8e1a8d0ffc4 --- /dev/null +++ b/operators/camel-k/2.5.0/manifests/integrationplatforms.camel.apache.org.crd.yaml @@ -0,0 +1,4359 @@ +# --------------------------------------------------------------------------- +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# --------------------------------------------------------------------------- + +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + creationTimestamp: null + labels: + app: camel-k + name: integrationplatforms.camel.apache.org +spec: + group: camel.apache.org + names: + categories: + - kamel + - camel + kind: IntegrationPlatform + listKind: IntegrationPlatformList + plural: integrationplatforms + shortNames: + - itp + singular: integrationplatform + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The integration platform phase + jsonPath: .status.phase + name: Phase + type: string + - description: The default build strategy + jsonPath: .status.build.buildConfiguration.strategy + name: Build strategy + type: string + - description: The default publish strategy + jsonPath: .status.build.publishStrategy + name: Publish strategy + type: string + - description: The container registry address + jsonPath: .status.build.registry.address + name: Registry address + type: string + - description: The default runtime version + jsonPath: .status.build.runtimeVersion + name: Default runtime + type: string + - description: The default Camel core version + jsonPath: .status.build.runtimeCoreVersion + name: Camel version + type: string + name: v1 + schema: + openAPIV3Schema: + description: |- + IntegrationPlatform is the resource used to drive the Camel K operator behavior. + It defines the behavior of all Custom Resources (`IntegrationKit`, `Integration`, `Kamelet`) in the given namespace. + When the Camel K operator is installed in `global` mode, + you will need to specify an `IntegrationPlatform` in each namespace where you want the Camel K operator to be executed. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: IntegrationPlatformSpec defines the desired state of IntegrationPlatform. + properties: + build: + description: specify how to build the Integration/IntegrationKits + properties: + PublishStrategyOptions: + additionalProperties: + type: string + description: 'Deprecated: no longer in use' + type: object + baseImage: + description: |- + a base image that can be used as base layer for all images. + It can be useful if you want to provide some custom base image with further utility software + type: string + buildCatalogToolTimeout: + description: |- + the timeout (in seconds) to use when creating the build tools container image + Deprecated: no longer in use + type: string + buildConfiguration: + description: the configuration required to build an Integration + container image + properties: + annotations: + additionalProperties: + type: string + description: Annotation to use for the builder pod. Only used + for `pod` strategy + type: object + limitCPU: + description: The maximum amount of CPU required. Only used + for `pod` strategy + type: string + limitMemory: + description: The maximum amount of memory required. Only used + for `pod` strategy + type: string + nodeSelector: + additionalProperties: + type: string + description: The node selector for the builder pod. Only used + for `pod` strategy + type: object + operatorNamespace: + description: The namespace where to run the builder Pod (must + be the same of the operator in charge of this Build reconciliation). + type: string + orderStrategy: + description: the build order strategy to adopt + enum: + - dependencies + - fifo + - sequential + type: string + platforms: + description: The list of platforms used in order to build + a container image. + items: + type: string + type: array + requestCPU: + description: The minimum amount of CPU required. Only used + for `pod` strategy + type: string + requestMemory: + description: The minimum amount of memory required. Only used + for `pod` strategy + type: string + strategy: + description: the strategy to adopt + enum: + - routine + - pod + type: string + toolImage: + description: The container image to be used to run the build. + type: string + type: object + maven: + description: Maven configuration used to build the Camel/Camel-Quarkus + applications + properties: + caSecrets: + description: |- + The Secrets name and key, containing the CA certificate(s) used to connect + to remote Maven repositories. + It can contain X.509 certificates, and PKCS#7 formatted certificate chains. + A JKS formatted keystore is automatically created to store the CA certificate(s), + and configured to be used as a trusted certificate(s) by the Maven commands. + Note that the root CA certificates are also imported into the created keystore. + items: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: array + cliOptions: + description: |- + The CLI options that are appended to the list of arguments for Maven commands, + e.g., `-V,--no-transfer-progress,-Dstyle.color=never`. + See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html. + items: + type: string + type: array + extension: + description: |- + The Maven build extensions. + See https://maven.apache.org/guides/mini/guide-using-extensions.html. + items: + description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier) + Maven artifact. + properties: + artifactId: + description: Maven Artifact + type: string + classifier: + description: Maven Classifier + type: string + groupId: + description: Maven Group + type: string + type: + description: Maven Type + type: string + version: + description: Maven Version + type: string + required: + - artifactId + - groupId + type: object + type: array + localRepository: + description: The path of the local Maven repository. + type: string + profiles: + description: |- + A reference to the ConfigMap or Secret key that contains + the Maven profile. + items: + description: ValueSource --. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: array + properties: + additionalProperties: + type: string + description: The Maven properties. + type: object + settings: + description: |- + A reference to the ConfigMap or Secret key that contains + the Maven settings. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + settingsSecurity: + description: |- + A reference to the ConfigMap or Secret key that contains + the security of the Maven settings. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: object + maxRunningBuilds: + description: the maximum amount of parallel running pipelines + started by this operator instance + format: int32 + type: integer + publishStrategy: + description: the strategy to adopt for publishing an Integration + container image + type: string + registry: + description: the image registry used to push/pull Integration + images + properties: + address: + description: the URI to access + type: string + ca: + description: the configmap which stores the Certificate Authority + type: string + insecure: + description: if the container registry is insecure (ie, http + only) + type: boolean + organization: + description: the registry organization + type: string + secret: + description: the secret where credentials are stored + type: string + type: object + runtimeCoreVersion: + description: the Camel core version used by this IntegrationPlatform + type: string + runtimeProvider: + description: the runtime used. Likely Camel Quarkus (we used to + have main runtime which has been discontinued since version + 1.5) + type: string + runtimeVersion: + description: the Camel K Runtime dependency version + type: string + timeout: + description: how much time to wait before time out the pipeline + process + type: string + type: object + cluster: + description: what kind of cluster you're running (ie, plain Kubernetes + or OpenShift) + type: string + configuration: + description: |- + Deprecated: + Use camel trait (camel.properties) to manage properties + Use mount trait (mount.configs) to manage configs + Use mount trait (mount.resources) to manage resources + Use mount trait (mount.volumes) to manage volumes + list of configuration properties to be attached to all the Integration/IntegrationKits built from this IntegrationPlatform + items: + description: ConfigurationSpec represents a generic configuration + specification. + properties: + type: + description: 'represents the type of configuration, ie: property, + configmap, secret, ...' + type: string + value: + description: the value to assign to the configuration (syntax + may vary depending on the `Type`) + type: string + required: + - type + - value + type: object + type: array + kamelet: + description: configuration to be executed to all Kamelets controlled + by this IntegrationPlatform + properties: + repositories: + description: remote repository used to retrieve Kamelet catalog + items: + description: KameletRepositorySpec defines the location of the + Kamelet catalog to use. + properties: + uri: + description: the remote repository in the format github:ORG/REPO/PATH_TO_KAMELETS_FOLDER + type: string + type: object + type: array + type: object + profile: + description: |- + the profile you wish to use. It will apply certain traits which are required by the specific profile chosen. + It usually relates the Cluster with the optional definition of special profiles (ie, Knative) + type: string + traits: + description: list of traits to be executed for all the Integration/IntegrationKits + built from this IntegrationPlatform + properties: + 3scale: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + addons: + additionalProperties: + description: AddonTrait represents the configuration of an addon + trait. + type: object + x-kubernetes-preserve-unknown-fields: true + description: The extension point with addon traits + type: object + affinity: + description: The configuration of Affinity trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + nodeAffinityLabels: + description: Defines a set of nodes the integration pod(s) + are eligible to be scheduled on, based on labels on the + node. + items: + type: string + type: array + podAffinity: + description: Always co-locates multiple replicas of the integration + in the same node (default `false`). + type: boolean + podAffinityLabels: + description: |- + Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the + integration pod(s) should be co-located with. + items: + type: string + type: array + podAntiAffinity: + description: Never co-locates multiple replicas of the integration + in the same node (default `false`). + type: boolean + podAntiAffinityLabels: + description: |- + Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the + integration pod(s) should not be co-located with. + items: + type: string + type: array + type: object + builder: + description: The configuration of Builder trait + properties: + annotations: + additionalProperties: + type: string + description: When using `pod` strategy, annotation to use + for the builder pod. + type: object + baseImage: + description: |- + Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK + installed and ready to use on path (ie `/usr/bin/java`). + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + incrementalImageBuild: + description: Use the incremental image build option, to reuse + existing containers (default `true`) + type: boolean + limitCPU: + description: |- + When using `pod` strategy, the maximum amount of CPU required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + limitMemory: + description: |- + When using `pod` strategy, the maximum amount of memory required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + mavenProfiles: + description: |- + A list of references pointing to configmaps/secrets that contains a maven profile. + This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit. + The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM. + Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml). + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: Defines a set of nodes the builder pod is eligible + to be scheduled on, based on labels on the node. + type: object + orderStrategy: + description: The build order strategy to use, either `dependencies`, + `fifo` or `sequential` (default is the platform default) + enum: + - dependencies + - fifo + - sequential + type: string + platforms: + description: The list of manifest platforms to use to build + a container image (default `linux/amd64`). + items: + type: string + type: array + properties: + description: A list of properties to be provided to the build + task + items: + type: string + type: array + requestCPU: + description: |- + When using `pod` strategy, the minimum amount of CPU required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + requestMemory: + description: |- + When using `pod` strategy, the minimum amount of memory required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + strategy: + description: The strategy to use, either `pod` or `routine` + (default `routine`) + enum: + - pod + - routine + type: string + tasks: + description: A list of tasks to be executed (available only + when using `pod` strategy) with format `;;`. + items: + type: string + type: array + tasksFilter: + description: |- + A list of tasks sorted by the order of execution in a csv format, ie, `,,...`. + Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`) + if you need to execute them. Useful only with `pod` strategy. + type: string + tasksLimitCPU: + description: A list of limit cpu configuration for the specific + task with format `:`. + items: + type: string + type: array + tasksLimitMemory: + description: A list of limit memory configuration for the + specific task with format `:`. + items: + type: string + type: array + tasksRequestCPU: + description: A list of request cpu configuration for the specific + task with format `:`. + items: + type: string + type: array + tasksRequestMemory: + description: A list of request memory configuration for the + specific task with format `:`. + items: + type: string + type: array + verbose: + description: |- + Enable verbose logging on build components that support it (e.g. Kaniko build pod). + Deprecated no longer in use + type: boolean + type: object + camel: + description: The configuration of Camel trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + properties: + description: A list of properties to be provided to the Integration + runtime + items: + type: string + type: array + runtimeVersion: + description: |- + The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform. + You can use a fixed version (for example "3.2.3") or a semantic version (for example "3.x") which will try to resolve + to the best matching Catalog existing on the cluster. + type: string + type: object + container: + description: The configuration of Container trait + properties: + allowPrivilegeEscalation: + description: Security Context AllowPrivilegeEscalation configuration + (default false). + type: boolean + auto: + description: To automatically enable the trait + type: boolean + capabilitiesAdd: + description: Security Context Capabilities Add configuration + (default none). + items: + description: Capability represent POSIX capabilities type + type: string + type: array + capabilitiesDrop: + description: Security Context Capabilities Drop configuration + (default ALL). + items: + description: Capability represent POSIX capabilities type + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + expose: + description: Can be used to enable/disable exposure via kubernetes + Service. + type: boolean + image: + description: |- + The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which + won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead + Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an "external" IntegrationKit. + type: string + imagePullPolicy: + description: 'The pull policy: Always|Never|IfNotPresent' + enum: + - Always + - Never + - IfNotPresent + type: string + limitCPU: + description: The maximum amount of CPU to be provided (default + 500 millicores). + type: string + limitMemory: + description: The maximum amount of memory to be provided (default + 512 Mi). + type: string + name: + description: The main container name. It's named `integration` + by default. + type: string + port: + description: To configure a different port exposed by the + container (default `8080`). + type: integer + portName: + description: To configure a different port name for the port + exposed by the container. It defaults to `http` only when + the `expose` parameter is true. + type: string + requestCPU: + description: The minimum amount of CPU required (default 125 + millicores). + type: string + requestMemory: + description: The minimum amount of memory required (default + 128 Mi). + type: string + runAsNonRoot: + description: Security Context RunAsNonRoot configuration (default + false). + type: boolean + runAsUser: + description: 'Security Context RunAsUser configuration (default + none): this value is automatically retrieved in Openshift + clusters when not explicitly set.' + format: int64 + type: integer + seccompProfileType: + description: Security Context SeccompProfileType configuration + (default RuntimeDefault). + enum: + - Unconfined + - RuntimeDefault + type: string + servicePort: + description: To configure under which service port the container + port is to be exposed (default `80`). + type: integer + servicePortName: + description: To configure under which service port name the + container port is to be exposed (default `http`). + type: string + type: object + cron: + description: The configuration of Cron trait + properties: + activeDeadlineSeconds: + description: |- + Specifies the duration in seconds, relative to the start time, that the job + may be continuously active before it is considered to be failed. + It defaults to 60s. + format: int64 + type: integer + auto: + description: |- + Automatically deploy the integration as CronJob when all routes are + either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer). + + + It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`, + while `35m` or `50s` cannot). + type: boolean + backoffLimit: + description: |- + Specifies the number of retries before marking the job failed. + It defaults to 2. + format: int32 + type: integer + components: + description: |- + A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes. + Supported components are currently: `cron`, `timer` and `quartz`. + type: string + concurrencyPolicy: + description: |- + Specifies how to treat concurrent executions of a Job. + Valid values are: + - "Allow": allows CronJobs to run concurrently; + - "Forbid" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet; + - "Replace": cancels currently running job and replaces it with a new one + enum: + - Allow + - Forbid + - Replace + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + fallback: + description: |- + Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration + as Kubernetes CronJob. + type: boolean + schedule: + description: |- + The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this + mechanism to work correctly. + type: string + startingDeadlineSeconds: + description: |- + Optional deadline in seconds for starting the job if it misses scheduled + time for any reason. Missed jobs executions will be counted as failed ones. + format: int64 + type: integer + timeZone: + description: The timezone that the CronJob will run on + type: string + type: object + dependencies: + description: The configuration of Dependencies trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + type: object + deployer: + description: The configuration of Deployer trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + kind: + description: Allows to explicitly select the desired deployment + kind between `deployment`, `cron-job` or `knative-service` + when creating the resources for running the integration. + enum: + - deployment + - cron-job + - knative-service + type: string + useSSA: + description: |- + Deprecated: won't be able to enforce client side update in the future. + Use server-side apply to update the owned resources (default `true`). + Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters. + type: boolean + type: object + deployment: + description: The configuration of Deployment trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + progressDeadlineSeconds: + description: |- + The maximum time in seconds for the deployment to make progress before it + is considered to be failed. It defaults to `60s`. + format: int32 + type: integer + rollingUpdateMaxSurge: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be scheduled above the desired number of + pods. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + This can not be 0 if MaxUnavailable is 0. + Absolute number is calculated from percentage by rounding up. + Defaults to `25%`. + x-kubernetes-int-or-string: true + rollingUpdateMaxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be unavailable during the update. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + Absolute number is calculated from percentage by rounding down. + This can not be 0 if MaxSurge is 0. + Defaults to `25%`. + x-kubernetes-int-or-string: true + strategy: + description: The deployment strategy to use to replace existing + pods with new ones. + enum: + - Recreate + - RollingUpdate + type: string + type: object + environment: + description: The configuration of Environment trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + containerMeta: + description: Enables injection of `NAMESPACE` and `POD_NAME` + environment variables (default `true`) + type: boolean + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + httpProxy: + description: Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and + `NO_PROXY` environment variables (default `true`) + type: boolean + vars: + description: |- + A list of environment variables to be added to the integration container. + The syntax is either VAR=VALUE or VAR=[configmap|secret]:name/key, where name represents the resource name, + and key represents the resource key to be mapped as and environment variable. + These take precedence over any previously defined environment variables. + items: + type: string + type: array + type: object + error-handler: + description: The configuration of Error Handler trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + ref: + description: The error handler ref name provided or found + in application properties + type: string + type: object + gc: + description: The configuration of GC trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + discoveryCache: + description: |- + Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`). + Deprecated: to be removed from trait configuration. + enum: + - disabled + - disk + - memory + type: string + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + type: object + health: + description: The configuration of Health trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + livenessFailureThreshold: + description: Minimum consecutive failures for the liveness + probe to be considered failed after having succeeded. + format: int32 + type: integer + livenessInitialDelay: + description: Number of seconds after the container has started + before the liveness probe is initiated. + format: int32 + type: integer + livenessPeriod: + description: How often to perform the liveness probe. + format: int32 + type: integer + livenessProbe: + description: The liveness probe path to use (default provided + by the Catalog runtime used). + type: string + livenessProbeEnabled: + description: Configures the liveness probe for the integration + container (default `false`). + type: boolean + livenessScheme: + description: Scheme to use when connecting to the liveness + probe (default `HTTP`). + type: string + livenessSuccessThreshold: + description: Minimum consecutive successes for the liveness + probe to be considered successful after having failed. + format: int32 + type: integer + livenessTimeout: + description: Number of seconds after which the liveness probe + times out. + format: int32 + type: integer + readinessFailureThreshold: + description: Minimum consecutive failures for the readiness + probe to be considered failed after having succeeded. + format: int32 + type: integer + readinessInitialDelay: + description: Number of seconds after the container has started + before the readiness probe is initiated. + format: int32 + type: integer + readinessPeriod: + description: How often to perform the readiness probe. + format: int32 + type: integer + readinessProbe: + description: The readiness probe path to use (default provided + by the Catalog runtime used). + type: string + readinessProbeEnabled: + description: Configures the readiness probe for the integration + container (default `true`). + type: boolean + readinessScheme: + description: Scheme to use when connecting to the readiness + probe (default `HTTP`). + type: string + readinessSuccessThreshold: + description: Minimum consecutive successes for the readiness + probe to be considered successful after having failed. + format: int32 + type: integer + readinessTimeout: + description: Number of seconds after which the readiness probe + times out. + format: int32 + type: integer + startupFailureThreshold: + description: Minimum consecutive failures for the startup + probe to be considered failed after having succeeded. + format: int32 + type: integer + startupInitialDelay: + description: Number of seconds after the container has started + before the startup probe is initiated. + format: int32 + type: integer + startupPeriod: + description: How often to perform the startup probe. + format: int32 + type: integer + startupProbe: + description: The startup probe path to use (default provided + by the Catalog runtime used). + type: string + startupProbeEnabled: + description: Configures the startup probe for the integration + container (default `false`). + type: boolean + startupScheme: + description: Scheme to use when connecting to the startup + probe (default `HTTP`). + type: string + startupSuccessThreshold: + description: Minimum consecutive successes for the startup + probe to be considered successful after having failed. + format: int32 + type: integer + startupTimeout: + description: Number of seconds after which the startup probe + times out. + format: int32 + type: integer + type: object + ingress: + description: The configuration of Ingress trait + properties: + annotations: + additionalProperties: + type: string + description: |- + The annotations added to the ingress. + This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller: + See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md + type: object + auto: + description: To automatically add an ingress whenever the + integration uses an HTTP endpoint consumer. + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + host: + description: To configure the host exposed by the ingress. + type: string + ingressClassName: + description: |- + The Ingress class name as defined by the Ingress spec + See https://kubernetes.io/docs/concepts/services-networking/ingress/ + type: string + path: + description: To configure the path exposed by the ingress + (default `/`). + type: string + pathType: + description: |- + To configure the path type exposed by the ingress. + One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`). + enum: + - Exact + - Prefix + - ImplementationSpecific + type: string + tlsHosts: + description: To configure tls hosts + items: + type: string + type: array + tlsSecretName: + description: To configure tls secret name + type: string + type: object + istio: + description: The configuration of Istio trait + properties: + allow: + description: Configures a (comma-separated) list of CIDR subnets + that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16` + by default). + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + inject: + description: Forces the value for labels `sidecar.istio.io/inject`. + By default the label is set to `true` on deployment and + not set on Knative Service. + type: boolean + type: object + jolokia: + description: The configuration of Jolokia trait + properties: + CACert: + description: |- + The PEM encoded CA certification file path, used to verify client certificates, + applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` + (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift). + type: string + clientPrincipal: + description: |- + The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint, + applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` + (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift). + items: + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + discoveryEnabled: + description: Listen for multicast requests (default `false`) + type: boolean + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + extendedClientCheck: + description: |- + Mandate the client certificate contains a client flag in the extended key usage section, + applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` + (default `true` for OpenShift). + type: boolean + host: + description: |- + The Host address to which the Jolokia agent should bind to. If `"\*"` or `"0.0.0.0"` is given, + the servers binds to every network interface (default `"*"`). + type: string + options: + description: |- + A list of additional Jolokia options as defined + in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options] + items: + type: string + type: array + password: + description: The password used for authentication, applicable + when the `user` option is set. + type: string + port: + description: The Jolokia endpoint port (default `8778`). + type: integer + protocol: + description: The protocol to use, either `http` or `https` + (default `https` for OpenShift) + type: string + useSSLClientAuthentication: + description: Whether client certificates should be used for + authentication (default `true` for OpenShift). + type: boolean + user: + description: The user to be used for authentication + type: string + type: object + jvm: + description: The configuration of JVM trait + properties: + classpath: + description: Additional JVM classpath (use `Linux` classpath + separator) + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + debug: + description: Activates remote debugging, so that a debugger + can be attached to the JVM, e.g., using port-forwarding + type: boolean + debugAddress: + description: Transport address at which to listen for the + newly launched JVM (default `*:5005`) + type: string + debugSuspend: + description: Suspends the target JVM immediately before the + main class is loaded + type: boolean + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + jar: + description: The Jar dependency which will run the application. + Leave it empty for managed Integrations. + type: string + options: + description: A list of JVM options + items: + type: string + type: array + printCommand: + description: |- + Prints the command used the start the JVM in the container logs (default `true`) + Deprecated: no longer in use. + type: boolean + type: object + kamelets: + description: The configuration of Kamelets trait + properties: + auto: + description: Automatically inject all referenced Kamelets + and their default configuration (enabled by default) + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + list: + description: Comma separated list of Kamelet names to load + into the current integration + type: string + mountPoint: + description: The directory where the application mounts and + reads Kamelet spec (default `/etc/camel/kamelets`) + type: string + type: object + keda: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + knative: + description: The configuration of Knative trait + properties: + auto: + description: Enable automatic discovery of all trait properties. + type: boolean + channelSinks: + description: |- + List of channels used as destination of integration routes. + Can contain simple channel names or full Camel URIs. + items: + type: string + type: array + channelSources: + description: |- + List of channels used as source of integration routes. + Can contain simple channel names or full Camel URIs. + items: + type: string + type: array + config: + description: Can be used to inject a Knative complete configuration + in JSON format. + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + endpointSinks: + description: |- + List of endpoints used as destination of integration routes. + Can contain simple endpoint names or full Camel URIs. + items: + type: string + type: array + endpointSources: + description: List of channels used as source of integration + routes. + items: + type: string + type: array + eventSinks: + description: |- + List of event types that the integration will produce. + Can contain simple event types or full Camel URIs (to use a specific broker). + items: + type: string + type: array + eventSources: + description: |- + List of event types that the integration will be subscribed to. + Can contain simple event types or full Camel URIs (to use a specific broker different from "default"). + items: + type: string + type: array + filterEventType: + description: |- + Enables the default filtering for the Knative trigger using the event type + If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true) + type: boolean + filterSourceChannels: + description: |- + Enables filtering on events based on the header "ce-knativehistory". Since this header has been removed in newer versions of + Knative, filtering is disabled by default. + type: boolean + filters: + description: |- + Sets filter attributes on the event stream (such as event type, source, subject and so on). + A list of key-value pairs that represent filter attributes and its values. + The syntax is KEY=VALUE, e.g., `source="my.source"`. + Filter attributes get set on the Knative trigger that is being created as part of this integration. + items: + type: string + type: array + namespaceLabel: + description: |- + Enables the camel-k-operator to set the "bindings.knative.dev/include=true" label to the namespace + As Knative requires this label to perform injection of K_SINK URL into the service. + If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true) + type: boolean + sinkBinding: + description: |- + Allows binding the integration to a sink via a Knative SinkBinding resource. + This can be used when the integration targets a single sink. + It's enabled by default when the integration targets a single sink + (except when the integration is owned by a Knative source). + type: boolean + type: object + knative-service: + description: The configuration of Knative Service trait + properties: + annotations: + additionalProperties: + type: string + description: |- + The annotations added to route. + This can be used to set knative service specific annotations + CLI usage example: -t "knative-service.annotations.'haproxy.router.openshift.io/balance'=true" + type: object + auto: + description: |- + Automatically deploy the integration as Knative service when all conditions hold: + + + * Integration is using the Knative profile + * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer) + type: boolean + autoscalingMetric: + description: |- + Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling). + + + Refer to the Knative documentation for more information. + type: string + autoscalingTarget: + description: |- + Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod. + + + Refer to the Knative documentation for more information. + type: integer + class: + description: |- + Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling). + + + Refer to the Knative documentation for more information. + enum: + - kpa.autoscaling.knative.dev + - hpa.autoscaling.knative.dev + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + maxScale: + description: |- + An upper bound for the number of Pods that can be running in parallel for the integration. + Knative has its own cap value that depends on the installation. + + + Refer to the Knative documentation for more information. + type: integer + minScale: + description: |- + The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that + the integration is scaled down to zero when not used for a configured amount of time. + + + Refer to the Knative documentation for more information. + type: integer + rolloutDuration: + description: |- + Enables to gradually shift traffic to the latest Revision and sets the rollout duration. + It's disabled by default and must be expressed as a Golang `time.Duration` string representation, + rounded to a second precision. + type: string + timeoutSeconds: + description: |- + The maximum duration in seconds that the request instance is allowed to respond to a request. + This field propagates to the integration pod's terminationGracePeriodSeconds + + + Refer to the Knative documentation for more information. + format: int64 + type: integer + visibility: + description: |- + Setting `cluster-local`, Knative service becomes a private service. + Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service. + + + Refer to the Knative documentation for more information. + enum: + - cluster-local + type: string + type: object + logging: + description: The configuration of Logging trait + properties: + color: + description: Colorize the log output + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + format: + description: Logs message format + type: string + json: + description: Output the logs in JSON + type: boolean + jsonPrettyPrint: + description: Enable "pretty printing" of the JSON logs + type: boolean + level: + description: Adjust the logging level (defaults to `INFO`) + enum: + - FATAL + - WARN + - INFO + - DEBUG + - TRACE + type: string + type: object + master: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + mount: + description: The configuration of Mount trait + properties: + configs: + description: |- + A list of configuration pointing to configmap/secret. + The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files. + They are also made available on the classpath in order to ease their usage directly from the Route. + Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered + items: + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + emptyDirs: + description: |- + A list of EmptyDir volumes to be mounted. An optional size limit may be configured (default 500Mi). + Syntax: name:/container/path[:sizeLimit] + items: + type: string + type: array + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + hotReload: + description: |- + Enable "hot reload" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be + marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for + changes in metadata. + type: boolean + resources: + description: |- + A list of resources (text or binary content) pointing to configmap/secret. + The resources are expected to be any resource type (text or binary content). + The destination path can be either a default location or any path specified by the user. + Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path + items: + type: string + type: array + scanKameletsImplicitLabelSecrets: + description: 'Deprecated: no longer available since version + 2.5.' + type: boolean + volumes: + description: |- + A list of Persistent Volume Claims to be mounted. Syntax: [pvcname:/container/path]. If the PVC is not found, the Integration fails. + You can use the syntax [pvcname:/container/path:size:accessMode<:storageClass>] to create a dynamic PVC based on the Storage Class provided + or the default cluster Storage Class. However, if the PVC exists, the operator would mount it. + items: + type: string + type: array + type: object + openapi: + description: The configuration of OpenAPI trait + properties: + configmaps: + description: The configmaps holding the spec of the OpenAPI + (compatible with > 3.0 spec only). + items: + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + type: object + owner: + description: The configuration of Owner trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + targetAnnotations: + description: The set of annotations to be transferred + items: + type: string + type: array + targetLabels: + description: The set of labels to be transferred + items: + type: string + type: array + type: object + pdb: + description: The configuration of PDB trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + maxUnavailable: + description: |- + The number of pods for the Integration that can be unavailable after an eviction. + It can be either an absolute number or a percentage (default `1` if `min-available` is also not set). + Only one of `max-unavailable` and `min-available` can be specified. + type: string + minAvailable: + description: |- + The number of pods for the Integration that must still be available after an eviction. + It can be either an absolute number or a percentage. + Only one of `min-available` and `max-unavailable` can be specified. + type: string + type: object + platform: + description: The configuration of Platform trait + properties: + auto: + description: |- + To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set). + Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + createDefault: + description: |- + To create a default (empty) platform when the platform is missing. + Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility + type: boolean + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + global: + description: |- + Indicates if the platform should be created globally in the case of global operator (default true). + Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility + type: boolean + type: object + pod: + description: The configuration of Pod trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + type: object + prometheus: + description: The configuration of Prometheus trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + podMonitor: + description: Whether a `PodMonitor` resource is created (default + `true`). + type: boolean + podMonitorLabels: + description: The `PodMonitor` resource labels, applicable + when `pod-monitor` is `true`. + items: + type: string + type: array + type: object + pull-secret: + description: The configuration of Pull Secret trait + properties: + auto: + description: Automatically configures the platform registry + secret on the pod if it is of type `kubernetes.io/dockerconfigjson`. + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + imagePullerDelegation: + description: When using a global operator with a shared platform, + this enables delegation of the `system:image-puller` cluster + role on the operator namespace to the integration service + account. + type: boolean + secretName: + description: The pull secret name to set on the Pod. If left + empty this is automatically taken from the `IntegrationPlatform` + registry configuration. + type: string + type: object + quarkus: + description: The configuration of Quarkus trait + properties: + buildMode: + description: |- + The Quarkus mode to run: either `jvm` or `native` (default `jvm`). + In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created, + with the `native` kit having precedence over the `jvm` one once ready. + items: + description: QuarkusMode is the type of Quarkus build packaging. + enum: + - jvm + - native + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + nativeBaseImage: + description: The base image to use when running a native build + (default `quay.io/quarkus/quarkus-micro-image:2.0`) + type: string + nativeBuilderImage: + description: The image containing the tooling required for + a native build (by default it will use the one provided + in the runtime catalog) + type: string + packageTypes: + description: |- + The Quarkus package types, `fast-jar` or `native` (default `fast-jar`). + In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created, + with the native kit having precedence over the `fast-jar` one once ready. + The order influences the resolution of the current kit for the integration. + The kit corresponding to the first package type will be assigned to the + integration in case no existing kit that matches the integration exists. + Deprecated: use `build-mode` instead. + items: + description: |- + QuarkusPackageType is the type of Quarkus build packaging. + Deprecated: use `QuarkusMode` instead. + enum: + - fast-jar + - native + type: string + type: array + type: object + registry: + description: |- + The configuration of Registry trait (support removed since version 2.5.0). + Deprecated: use jvm trait or read documentation. + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + type: object + route: + description: The configuration of Route trait + properties: + annotations: + additionalProperties: + type: string + description: |- + The annotations added to route. + This can be used to set route specific annotations + For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations + CLI usage example: -t "route.annotations.'haproxy.router.openshift.io/balance'=true" + type: object + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + host: + description: To configure the host exposed by the route. + type: string + tlsCACertificate: + description: |- + The TLS CA certificate contents. + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsCACertificateSecret: + description: |- + The secret name and key reference to the TLS CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/". + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsCertificate: + description: |- + The TLS certificate contents. + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsCertificateSecret: + description: |- + The secret name and key reference to the TLS certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/". + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsDestinationCACertificate: + description: |- + The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt + termination this file should be provided in order to have routers use it for health checks on the secure connection. + If this field is not specified, the router may provide its own destination CA and perform hostname validation using + the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically + verify. + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsDestinationCACertificateSecret: + description: |- + The secret name and key reference to the destination CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/". + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsInsecureEdgeTerminationPolicy: + description: |- + To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic. + + + Refer to the OpenShift route documentation for additional information. + enum: + - None + - Allow + - Redirect + type: string + tlsKey: + description: |- + The TLS certificate key contents. + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsKeySecret: + description: |- + The secret name and key reference to the TLS certificate key. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/". + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsTermination: + description: |- + The TLS termination type, like `edge`, `passthrough` or `reencrypt`. + + + Refer to the OpenShift route documentation for additional information. + enum: + - edge + - reencrypt + - passthrough + type: string + type: object + security-context: + description: The configuration of Security Context trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + runAsNonRoot: + description: Security Context RunAsNonRoot configuration (default + false). + type: boolean + runAsUser: + description: 'Security Context RunAsUser configuration (default + none): this value is automatically retrieved in Openshift + clusters when not explicitly set.' + format: int64 + type: integer + seccompProfileType: + description: Security Context SeccompProfileType configuration + (default RuntimeDefault). + enum: + - Unconfined + - RuntimeDefault + type: string + type: object + service: + description: The configuration of Service trait + properties: + annotations: + additionalProperties: + type: string + description: The annotations added to the Service object. + type: object + auto: + description: To automatically detect from the code if a Service + needs to be created. + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + labels: + additionalProperties: + type: string + description: The labels added to the Service object. + type: object + nodePort: + description: |- + Enable Service to be exposed as NodePort (default `false`). + Deprecated: Use service type instead. + type: boolean + type: + description: The type of service to be used, either 'ClusterIP', + 'NodePort' or 'LoadBalancer'. + enum: + - ClusterIP + - NodePort + - LoadBalancer + type: string + type: object + service-binding: + description: The configuration of Service Binding trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + services: + description: List of Services in the form [[apigroup/]version:]kind:[namespace/]name + items: + type: string + type: array + type: object + strimzi: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + telemetry: + description: The configuration of Telemetry trait + properties: + auto: + description: Enables automatic configuration of the trait, + including automatic discovery of the telemetry endpoint. + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + endpoint: + description: The target endpoint of the Telemetry service + (automatically discovered by default) + type: string + sampler: + description: The sampler of the telemetry used for tracing + (default "on") + type: string + sampler-parent-based: + description: The sampler of the telemetry used for tracing + is parent based (default "true") + type: boolean + sampler-ratio: + description: The sampler ratio of the telemetry used for tracing + type: string + serviceName: + description: The name of the service that publishes telemetry + data (defaults to the integration name) + type: string + type: object + toleration: + description: The configuration of Toleration trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + taints: + description: The list of taints to tolerate, in the form `Key[=Value]:Effect[:Seconds]` + items: + type: string + type: array + type: object + tracing: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + type: object + type: object + status: + description: IntegrationPlatformStatus defines the observed state of IntegrationPlatform. + properties: + build: + description: specify how to build the Integration/IntegrationKits + properties: + PublishStrategyOptions: + additionalProperties: + type: string + description: 'Deprecated: no longer in use' + type: object + baseImage: + description: |- + a base image that can be used as base layer for all images. + It can be useful if you want to provide some custom base image with further utility software + type: string + buildCatalogToolTimeout: + description: |- + the timeout (in seconds) to use when creating the build tools container image + Deprecated: no longer in use + type: string + buildConfiguration: + description: the configuration required to build an Integration + container image + properties: + annotations: + additionalProperties: + type: string + description: Annotation to use for the builder pod. Only used + for `pod` strategy + type: object + limitCPU: + description: The maximum amount of CPU required. Only used + for `pod` strategy + type: string + limitMemory: + description: The maximum amount of memory required. Only used + for `pod` strategy + type: string + nodeSelector: + additionalProperties: + type: string + description: The node selector for the builder pod. Only used + for `pod` strategy + type: object + operatorNamespace: + description: The namespace where to run the builder Pod (must + be the same of the operator in charge of this Build reconciliation). + type: string + orderStrategy: + description: the build order strategy to adopt + enum: + - dependencies + - fifo + - sequential + type: string + platforms: + description: The list of platforms used in order to build + a container image. + items: + type: string + type: array + requestCPU: + description: The minimum amount of CPU required. Only used + for `pod` strategy + type: string + requestMemory: + description: The minimum amount of memory required. Only used + for `pod` strategy + type: string + strategy: + description: the strategy to adopt + enum: + - routine + - pod + type: string + toolImage: + description: The container image to be used to run the build. + type: string + type: object + maven: + description: Maven configuration used to build the Camel/Camel-Quarkus + applications + properties: + caSecrets: + description: |- + The Secrets name and key, containing the CA certificate(s) used to connect + to remote Maven repositories. + It can contain X.509 certificates, and PKCS#7 formatted certificate chains. + A JKS formatted keystore is automatically created to store the CA certificate(s), + and configured to be used as a trusted certificate(s) by the Maven commands. + Note that the root CA certificates are also imported into the created keystore. + items: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: array + cliOptions: + description: |- + The CLI options that are appended to the list of arguments for Maven commands, + e.g., `-V,--no-transfer-progress,-Dstyle.color=never`. + See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html. + items: + type: string + type: array + extension: + description: |- + The Maven build extensions. + See https://maven.apache.org/guides/mini/guide-using-extensions.html. + items: + description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier) + Maven artifact. + properties: + artifactId: + description: Maven Artifact + type: string + classifier: + description: Maven Classifier + type: string + groupId: + description: Maven Group + type: string + type: + description: Maven Type + type: string + version: + description: Maven Version + type: string + required: + - artifactId + - groupId + type: object + type: array + localRepository: + description: The path of the local Maven repository. + type: string + profiles: + description: |- + A reference to the ConfigMap or Secret key that contains + the Maven profile. + items: + description: ValueSource --. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: array + properties: + additionalProperties: + type: string + description: The Maven properties. + type: object + settings: + description: |- + A reference to the ConfigMap or Secret key that contains + the Maven settings. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + settingsSecurity: + description: |- + A reference to the ConfigMap or Secret key that contains + the security of the Maven settings. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: object + maxRunningBuilds: + description: the maximum amount of parallel running pipelines + started by this operator instance + format: int32 + type: integer + publishStrategy: + description: the strategy to adopt for publishing an Integration + container image + type: string + registry: + description: the image registry used to push/pull Integration + images + properties: + address: + description: the URI to access + type: string + ca: + description: the configmap which stores the Certificate Authority + type: string + insecure: + description: if the container registry is insecure (ie, http + only) + type: boolean + organization: + description: the registry organization + type: string + secret: + description: the secret where credentials are stored + type: string + type: object + runtimeCoreVersion: + description: the Camel core version used by this IntegrationPlatform + type: string + runtimeProvider: + description: the runtime used. Likely Camel Quarkus (we used to + have main runtime which has been discontinued since version + 1.5) + type: string + runtimeVersion: + description: the Camel K Runtime dependency version + type: string + timeout: + description: how much time to wait before time out the pipeline + process + type: string + type: object + cluster: + description: what kind of cluster you're running (ie, plain Kubernetes + or OpenShift) + type: string + conditions: + description: which are the conditions met (particularly useful when + in ERROR phase) + items: + description: IntegrationPlatformCondition describes the state of + a resource at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + lastUpdateTime: + description: The last time this condition was updated. + format: date-time + type: string + message: + description: A human-readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of integration condition. + type: string + required: + - status + - type + type: object + type: array + configuration: + description: |- + Deprecated: + Use camel trait (camel.properties) to manage properties + Use mount trait (mount.configs) to manage configs + Use mount trait (mount.resources) to manage resources + Use mount trait (mount.volumes) to manage volumes + list of configuration properties to be attached to all the Integration/IntegrationKits built from this IntegrationPlatform + items: + description: ConfigurationSpec represents a generic configuration + specification. + properties: + type: + description: 'represents the type of configuration, ie: property, + configmap, secret, ...' + type: string + value: + description: the value to assign to the configuration (syntax + may vary depending on the `Type`) + type: string + required: + - type + - value + type: object + type: array + info: + additionalProperties: + type: string + description: generic information related to the build of Camel K operator + software + type: object + kamelet: + description: configuration to be executed to all Kamelets controlled + by this IntegrationPlatform + properties: + repositories: + description: remote repository used to retrieve Kamelet catalog + items: + description: KameletRepositorySpec defines the location of the + Kamelet catalog to use. + properties: + uri: + description: the remote repository in the format github:ORG/REPO/PATH_TO_KAMELETS_FOLDER + type: string + type: object + type: array + type: object + observedGeneration: + description: ObservedGeneration is the most recent generation observed + for this IntegrationPlatform. + format: int64 + type: integer + phase: + description: defines in what phase the IntegrationPlatform is found + type: string + profile: + description: |- + the profile you wish to use. It will apply certain traits which are required by the specific profile chosen. + It usually relates the Cluster with the optional definition of special profiles (ie, Knative) + type: string + traits: + description: list of traits to be executed for all the Integration/IntegrationKits + built from this IntegrationPlatform + properties: + 3scale: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + addons: + additionalProperties: + description: AddonTrait represents the configuration of an addon + trait. + type: object + x-kubernetes-preserve-unknown-fields: true + description: The extension point with addon traits + type: object + affinity: + description: The configuration of Affinity trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + nodeAffinityLabels: + description: Defines a set of nodes the integration pod(s) + are eligible to be scheduled on, based on labels on the + node. + items: + type: string + type: array + podAffinity: + description: Always co-locates multiple replicas of the integration + in the same node (default `false`). + type: boolean + podAffinityLabels: + description: |- + Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the + integration pod(s) should be co-located with. + items: + type: string + type: array + podAntiAffinity: + description: Never co-locates multiple replicas of the integration + in the same node (default `false`). + type: boolean + podAntiAffinityLabels: + description: |- + Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the + integration pod(s) should not be co-located with. + items: + type: string + type: array + type: object + builder: + description: The configuration of Builder trait + properties: + annotations: + additionalProperties: + type: string + description: When using `pod` strategy, annotation to use + for the builder pod. + type: object + baseImage: + description: |- + Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK + installed and ready to use on path (ie `/usr/bin/java`). + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + incrementalImageBuild: + description: Use the incremental image build option, to reuse + existing containers (default `true`) + type: boolean + limitCPU: + description: |- + When using `pod` strategy, the maximum amount of CPU required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + limitMemory: + description: |- + When using `pod` strategy, the maximum amount of memory required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + mavenProfiles: + description: |- + A list of references pointing to configmaps/secrets that contains a maven profile. + This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit. + The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM. + Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml). + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: Defines a set of nodes the builder pod is eligible + to be scheduled on, based on labels on the node. + type: object + orderStrategy: + description: The build order strategy to use, either `dependencies`, + `fifo` or `sequential` (default is the platform default) + enum: + - dependencies + - fifo + - sequential + type: string + platforms: + description: The list of manifest platforms to use to build + a container image (default `linux/amd64`). + items: + type: string + type: array + properties: + description: A list of properties to be provided to the build + task + items: + type: string + type: array + requestCPU: + description: |- + When using `pod` strategy, the minimum amount of CPU required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + requestMemory: + description: |- + When using `pod` strategy, the minimum amount of memory required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + strategy: + description: The strategy to use, either `pod` or `routine` + (default `routine`) + enum: + - pod + - routine + type: string + tasks: + description: A list of tasks to be executed (available only + when using `pod` strategy) with format `;;`. + items: + type: string + type: array + tasksFilter: + description: |- + A list of tasks sorted by the order of execution in a csv format, ie, `,,...`. + Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`) + if you need to execute them. Useful only with `pod` strategy. + type: string + tasksLimitCPU: + description: A list of limit cpu configuration for the specific + task with format `:`. + items: + type: string + type: array + tasksLimitMemory: + description: A list of limit memory configuration for the + specific task with format `:`. + items: + type: string + type: array + tasksRequestCPU: + description: A list of request cpu configuration for the specific + task with format `:`. + items: + type: string + type: array + tasksRequestMemory: + description: A list of request memory configuration for the + specific task with format `:`. + items: + type: string + type: array + verbose: + description: |- + Enable verbose logging on build components that support it (e.g. Kaniko build pod). + Deprecated no longer in use + type: boolean + type: object + camel: + description: The configuration of Camel trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + properties: + description: A list of properties to be provided to the Integration + runtime + items: + type: string + type: array + runtimeVersion: + description: |- + The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform. + You can use a fixed version (for example "3.2.3") or a semantic version (for example "3.x") which will try to resolve + to the best matching Catalog existing on the cluster. + type: string + type: object + container: + description: The configuration of Container trait + properties: + allowPrivilegeEscalation: + description: Security Context AllowPrivilegeEscalation configuration + (default false). + type: boolean + auto: + description: To automatically enable the trait + type: boolean + capabilitiesAdd: + description: Security Context Capabilities Add configuration + (default none). + items: + description: Capability represent POSIX capabilities type + type: string + type: array + capabilitiesDrop: + description: Security Context Capabilities Drop configuration + (default ALL). + items: + description: Capability represent POSIX capabilities type + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + expose: + description: Can be used to enable/disable exposure via kubernetes + Service. + type: boolean + image: + description: |- + The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which + won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead + Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an "external" IntegrationKit. + type: string + imagePullPolicy: + description: 'The pull policy: Always|Never|IfNotPresent' + enum: + - Always + - Never + - IfNotPresent + type: string + limitCPU: + description: The maximum amount of CPU to be provided (default + 500 millicores). + type: string + limitMemory: + description: The maximum amount of memory to be provided (default + 512 Mi). + type: string + name: + description: The main container name. It's named `integration` + by default. + type: string + port: + description: To configure a different port exposed by the + container (default `8080`). + type: integer + portName: + description: To configure a different port name for the port + exposed by the container. It defaults to `http` only when + the `expose` parameter is true. + type: string + requestCPU: + description: The minimum amount of CPU required (default 125 + millicores). + type: string + requestMemory: + description: The minimum amount of memory required (default + 128 Mi). + type: string + runAsNonRoot: + description: Security Context RunAsNonRoot configuration (default + false). + type: boolean + runAsUser: + description: 'Security Context RunAsUser configuration (default + none): this value is automatically retrieved in Openshift + clusters when not explicitly set.' + format: int64 + type: integer + seccompProfileType: + description: Security Context SeccompProfileType configuration + (default RuntimeDefault). + enum: + - Unconfined + - RuntimeDefault + type: string + servicePort: + description: To configure under which service port the container + port is to be exposed (default `80`). + type: integer + servicePortName: + description: To configure under which service port name the + container port is to be exposed (default `http`). + type: string + type: object + cron: + description: The configuration of Cron trait + properties: + activeDeadlineSeconds: + description: |- + Specifies the duration in seconds, relative to the start time, that the job + may be continuously active before it is considered to be failed. + It defaults to 60s. + format: int64 + type: integer + auto: + description: |- + Automatically deploy the integration as CronJob when all routes are + either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer). + + + It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`, + while `35m` or `50s` cannot). + type: boolean + backoffLimit: + description: |- + Specifies the number of retries before marking the job failed. + It defaults to 2. + format: int32 + type: integer + components: + description: |- + A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes. + Supported components are currently: `cron`, `timer` and `quartz`. + type: string + concurrencyPolicy: + description: |- + Specifies how to treat concurrent executions of a Job. + Valid values are: + - "Allow": allows CronJobs to run concurrently; + - "Forbid" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet; + - "Replace": cancels currently running job and replaces it with a new one + enum: + - Allow + - Forbid + - Replace + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + fallback: + description: |- + Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration + as Kubernetes CronJob. + type: boolean + schedule: + description: |- + The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this + mechanism to work correctly. + type: string + startingDeadlineSeconds: + description: |- + Optional deadline in seconds for starting the job if it misses scheduled + time for any reason. Missed jobs executions will be counted as failed ones. + format: int64 + type: integer + timeZone: + description: The timezone that the CronJob will run on + type: string + type: object + dependencies: + description: The configuration of Dependencies trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + type: object + deployer: + description: The configuration of Deployer trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + kind: + description: Allows to explicitly select the desired deployment + kind between `deployment`, `cron-job` or `knative-service` + when creating the resources for running the integration. + enum: + - deployment + - cron-job + - knative-service + type: string + useSSA: + description: |- + Deprecated: won't be able to enforce client side update in the future. + Use server-side apply to update the owned resources (default `true`). + Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters. + type: boolean + type: object + deployment: + description: The configuration of Deployment trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + progressDeadlineSeconds: + description: |- + The maximum time in seconds for the deployment to make progress before it + is considered to be failed. It defaults to `60s`. + format: int32 + type: integer + rollingUpdateMaxSurge: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be scheduled above the desired number of + pods. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + This can not be 0 if MaxUnavailable is 0. + Absolute number is calculated from percentage by rounding up. + Defaults to `25%`. + x-kubernetes-int-or-string: true + rollingUpdateMaxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be unavailable during the update. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + Absolute number is calculated from percentage by rounding down. + This can not be 0 if MaxSurge is 0. + Defaults to `25%`. + x-kubernetes-int-or-string: true + strategy: + description: The deployment strategy to use to replace existing + pods with new ones. + enum: + - Recreate + - RollingUpdate + type: string + type: object + environment: + description: The configuration of Environment trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + containerMeta: + description: Enables injection of `NAMESPACE` and `POD_NAME` + environment variables (default `true`) + type: boolean + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + httpProxy: + description: Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and + `NO_PROXY` environment variables (default `true`) + type: boolean + vars: + description: |- + A list of environment variables to be added to the integration container. + The syntax is either VAR=VALUE or VAR=[configmap|secret]:name/key, where name represents the resource name, + and key represents the resource key to be mapped as and environment variable. + These take precedence over any previously defined environment variables. + items: + type: string + type: array + type: object + error-handler: + description: The configuration of Error Handler trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + ref: + description: The error handler ref name provided or found + in application properties + type: string + type: object + gc: + description: The configuration of GC trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + discoveryCache: + description: |- + Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`). + Deprecated: to be removed from trait configuration. + enum: + - disabled + - disk + - memory + type: string + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + type: object + health: + description: The configuration of Health trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + livenessFailureThreshold: + description: Minimum consecutive failures for the liveness + probe to be considered failed after having succeeded. + format: int32 + type: integer + livenessInitialDelay: + description: Number of seconds after the container has started + before the liveness probe is initiated. + format: int32 + type: integer + livenessPeriod: + description: How often to perform the liveness probe. + format: int32 + type: integer + livenessProbe: + description: The liveness probe path to use (default provided + by the Catalog runtime used). + type: string + livenessProbeEnabled: + description: Configures the liveness probe for the integration + container (default `false`). + type: boolean + livenessScheme: + description: Scheme to use when connecting to the liveness + probe (default `HTTP`). + type: string + livenessSuccessThreshold: + description: Minimum consecutive successes for the liveness + probe to be considered successful after having failed. + format: int32 + type: integer + livenessTimeout: + description: Number of seconds after which the liveness probe + times out. + format: int32 + type: integer + readinessFailureThreshold: + description: Minimum consecutive failures for the readiness + probe to be considered failed after having succeeded. + format: int32 + type: integer + readinessInitialDelay: + description: Number of seconds after the container has started + before the readiness probe is initiated. + format: int32 + type: integer + readinessPeriod: + description: How often to perform the readiness probe. + format: int32 + type: integer + readinessProbe: + description: The readiness probe path to use (default provided + by the Catalog runtime used). + type: string + readinessProbeEnabled: + description: Configures the readiness probe for the integration + container (default `true`). + type: boolean + readinessScheme: + description: Scheme to use when connecting to the readiness + probe (default `HTTP`). + type: string + readinessSuccessThreshold: + description: Minimum consecutive successes for the readiness + probe to be considered successful after having failed. + format: int32 + type: integer + readinessTimeout: + description: Number of seconds after which the readiness probe + times out. + format: int32 + type: integer + startupFailureThreshold: + description: Minimum consecutive failures for the startup + probe to be considered failed after having succeeded. + format: int32 + type: integer + startupInitialDelay: + description: Number of seconds after the container has started + before the startup probe is initiated. + format: int32 + type: integer + startupPeriod: + description: How often to perform the startup probe. + format: int32 + type: integer + startupProbe: + description: The startup probe path to use (default provided + by the Catalog runtime used). + type: string + startupProbeEnabled: + description: Configures the startup probe for the integration + container (default `false`). + type: boolean + startupScheme: + description: Scheme to use when connecting to the startup + probe (default `HTTP`). + type: string + startupSuccessThreshold: + description: Minimum consecutive successes for the startup + probe to be considered successful after having failed. + format: int32 + type: integer + startupTimeout: + description: Number of seconds after which the startup probe + times out. + format: int32 + type: integer + type: object + ingress: + description: The configuration of Ingress trait + properties: + annotations: + additionalProperties: + type: string + description: |- + The annotations added to the ingress. + This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller: + See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md + type: object + auto: + description: To automatically add an ingress whenever the + integration uses an HTTP endpoint consumer. + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + host: + description: To configure the host exposed by the ingress. + type: string + ingressClassName: + description: |- + The Ingress class name as defined by the Ingress spec + See https://kubernetes.io/docs/concepts/services-networking/ingress/ + type: string + path: + description: To configure the path exposed by the ingress + (default `/`). + type: string + pathType: + description: |- + To configure the path type exposed by the ingress. + One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`). + enum: + - Exact + - Prefix + - ImplementationSpecific + type: string + tlsHosts: + description: To configure tls hosts + items: + type: string + type: array + tlsSecretName: + description: To configure tls secret name + type: string + type: object + istio: + description: The configuration of Istio trait + properties: + allow: + description: Configures a (comma-separated) list of CIDR subnets + that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16` + by default). + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + inject: + description: Forces the value for labels `sidecar.istio.io/inject`. + By default the label is set to `true` on deployment and + not set on Knative Service. + type: boolean + type: object + jolokia: + description: The configuration of Jolokia trait + properties: + CACert: + description: |- + The PEM encoded CA certification file path, used to verify client certificates, + applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` + (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift). + type: string + clientPrincipal: + description: |- + The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint, + applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` + (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift). + items: + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + discoveryEnabled: + description: Listen for multicast requests (default `false`) + type: boolean + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + extendedClientCheck: + description: |- + Mandate the client certificate contains a client flag in the extended key usage section, + applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` + (default `true` for OpenShift). + type: boolean + host: + description: |- + The Host address to which the Jolokia agent should bind to. If `"\*"` or `"0.0.0.0"` is given, + the servers binds to every network interface (default `"*"`). + type: string + options: + description: |- + A list of additional Jolokia options as defined + in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options] + items: + type: string + type: array + password: + description: The password used for authentication, applicable + when the `user` option is set. + type: string + port: + description: The Jolokia endpoint port (default `8778`). + type: integer + protocol: + description: The protocol to use, either `http` or `https` + (default `https` for OpenShift) + type: string + useSSLClientAuthentication: + description: Whether client certificates should be used for + authentication (default `true` for OpenShift). + type: boolean + user: + description: The user to be used for authentication + type: string + type: object + jvm: + description: The configuration of JVM trait + properties: + classpath: + description: Additional JVM classpath (use `Linux` classpath + separator) + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + debug: + description: Activates remote debugging, so that a debugger + can be attached to the JVM, e.g., using port-forwarding + type: boolean + debugAddress: + description: Transport address at which to listen for the + newly launched JVM (default `*:5005`) + type: string + debugSuspend: + description: Suspends the target JVM immediately before the + main class is loaded + type: boolean + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + jar: + description: The Jar dependency which will run the application. + Leave it empty for managed Integrations. + type: string + options: + description: A list of JVM options + items: + type: string + type: array + printCommand: + description: |- + Prints the command used the start the JVM in the container logs (default `true`) + Deprecated: no longer in use. + type: boolean + type: object + kamelets: + description: The configuration of Kamelets trait + properties: + auto: + description: Automatically inject all referenced Kamelets + and their default configuration (enabled by default) + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + list: + description: Comma separated list of Kamelet names to load + into the current integration + type: string + mountPoint: + description: The directory where the application mounts and + reads Kamelet spec (default `/etc/camel/kamelets`) + type: string + type: object + keda: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + knative: + description: The configuration of Knative trait + properties: + auto: + description: Enable automatic discovery of all trait properties. + type: boolean + channelSinks: + description: |- + List of channels used as destination of integration routes. + Can contain simple channel names or full Camel URIs. + items: + type: string + type: array + channelSources: + description: |- + List of channels used as source of integration routes. + Can contain simple channel names or full Camel URIs. + items: + type: string + type: array + config: + description: Can be used to inject a Knative complete configuration + in JSON format. + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + endpointSinks: + description: |- + List of endpoints used as destination of integration routes. + Can contain simple endpoint names or full Camel URIs. + items: + type: string + type: array + endpointSources: + description: List of channels used as source of integration + routes. + items: + type: string + type: array + eventSinks: + description: |- + List of event types that the integration will produce. + Can contain simple event types or full Camel URIs (to use a specific broker). + items: + type: string + type: array + eventSources: + description: |- + List of event types that the integration will be subscribed to. + Can contain simple event types or full Camel URIs (to use a specific broker different from "default"). + items: + type: string + type: array + filterEventType: + description: |- + Enables the default filtering for the Knative trigger using the event type + If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true) + type: boolean + filterSourceChannels: + description: |- + Enables filtering on events based on the header "ce-knativehistory". Since this header has been removed in newer versions of + Knative, filtering is disabled by default. + type: boolean + filters: + description: |- + Sets filter attributes on the event stream (such as event type, source, subject and so on). + A list of key-value pairs that represent filter attributes and its values. + The syntax is KEY=VALUE, e.g., `source="my.source"`. + Filter attributes get set on the Knative trigger that is being created as part of this integration. + items: + type: string + type: array + namespaceLabel: + description: |- + Enables the camel-k-operator to set the "bindings.knative.dev/include=true" label to the namespace + As Knative requires this label to perform injection of K_SINK URL into the service. + If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true) + type: boolean + sinkBinding: + description: |- + Allows binding the integration to a sink via a Knative SinkBinding resource. + This can be used when the integration targets a single sink. + It's enabled by default when the integration targets a single sink + (except when the integration is owned by a Knative source). + type: boolean + type: object + knative-service: + description: The configuration of Knative Service trait + properties: + annotations: + additionalProperties: + type: string + description: |- + The annotations added to route. + This can be used to set knative service specific annotations + CLI usage example: -t "knative-service.annotations.'haproxy.router.openshift.io/balance'=true" + type: object + auto: + description: |- + Automatically deploy the integration as Knative service when all conditions hold: + + + * Integration is using the Knative profile + * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer) + type: boolean + autoscalingMetric: + description: |- + Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling). + + + Refer to the Knative documentation for more information. + type: string + autoscalingTarget: + description: |- + Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod. + + + Refer to the Knative documentation for more information. + type: integer + class: + description: |- + Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling). + + + Refer to the Knative documentation for more information. + enum: + - kpa.autoscaling.knative.dev + - hpa.autoscaling.knative.dev + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + maxScale: + description: |- + An upper bound for the number of Pods that can be running in parallel for the integration. + Knative has its own cap value that depends on the installation. + + + Refer to the Knative documentation for more information. + type: integer + minScale: + description: |- + The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that + the integration is scaled down to zero when not used for a configured amount of time. + + + Refer to the Knative documentation for more information. + type: integer + rolloutDuration: + description: |- + Enables to gradually shift traffic to the latest Revision and sets the rollout duration. + It's disabled by default and must be expressed as a Golang `time.Duration` string representation, + rounded to a second precision. + type: string + timeoutSeconds: + description: |- + The maximum duration in seconds that the request instance is allowed to respond to a request. + This field propagates to the integration pod's terminationGracePeriodSeconds + + + Refer to the Knative documentation for more information. + format: int64 + type: integer + visibility: + description: |- + Setting `cluster-local`, Knative service becomes a private service. + Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service. + + + Refer to the Knative documentation for more information. + enum: + - cluster-local + type: string + type: object + logging: + description: The configuration of Logging trait + properties: + color: + description: Colorize the log output + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + format: + description: Logs message format + type: string + json: + description: Output the logs in JSON + type: boolean + jsonPrettyPrint: + description: Enable "pretty printing" of the JSON logs + type: boolean + level: + description: Adjust the logging level (defaults to `INFO`) + enum: + - FATAL + - WARN + - INFO + - DEBUG + - TRACE + type: string + type: object + master: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + mount: + description: The configuration of Mount trait + properties: + configs: + description: |- + A list of configuration pointing to configmap/secret. + The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files. + They are also made available on the classpath in order to ease their usage directly from the Route. + Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered + items: + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + emptyDirs: + description: |- + A list of EmptyDir volumes to be mounted. An optional size limit may be configured (default 500Mi). + Syntax: name:/container/path[:sizeLimit] + items: + type: string + type: array + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + hotReload: + description: |- + Enable "hot reload" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be + marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for + changes in metadata. + type: boolean + resources: + description: |- + A list of resources (text or binary content) pointing to configmap/secret. + The resources are expected to be any resource type (text or binary content). + The destination path can be either a default location or any path specified by the user. + Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path + items: + type: string + type: array + scanKameletsImplicitLabelSecrets: + description: 'Deprecated: no longer available since version + 2.5.' + type: boolean + volumes: + description: |- + A list of Persistent Volume Claims to be mounted. Syntax: [pvcname:/container/path]. If the PVC is not found, the Integration fails. + You can use the syntax [pvcname:/container/path:size:accessMode<:storageClass>] to create a dynamic PVC based on the Storage Class provided + or the default cluster Storage Class. However, if the PVC exists, the operator would mount it. + items: + type: string + type: array + type: object + openapi: + description: The configuration of OpenAPI trait + properties: + configmaps: + description: The configmaps holding the spec of the OpenAPI + (compatible with > 3.0 spec only). + items: + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + type: object + owner: + description: The configuration of Owner trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + targetAnnotations: + description: The set of annotations to be transferred + items: + type: string + type: array + targetLabels: + description: The set of labels to be transferred + items: + type: string + type: array + type: object + pdb: + description: The configuration of PDB trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + maxUnavailable: + description: |- + The number of pods for the Integration that can be unavailable after an eviction. + It can be either an absolute number or a percentage (default `1` if `min-available` is also not set). + Only one of `max-unavailable` and `min-available` can be specified. + type: string + minAvailable: + description: |- + The number of pods for the Integration that must still be available after an eviction. + It can be either an absolute number or a percentage. + Only one of `min-available` and `max-unavailable` can be specified. + type: string + type: object + platform: + description: The configuration of Platform trait + properties: + auto: + description: |- + To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set). + Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + createDefault: + description: |- + To create a default (empty) platform when the platform is missing. + Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility + type: boolean + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + global: + description: |- + Indicates if the platform should be created globally in the case of global operator (default true). + Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility + type: boolean + type: object + pod: + description: The configuration of Pod trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + type: object + prometheus: + description: The configuration of Prometheus trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + podMonitor: + description: Whether a `PodMonitor` resource is created (default + `true`). + type: boolean + podMonitorLabels: + description: The `PodMonitor` resource labels, applicable + when `pod-monitor` is `true`. + items: + type: string + type: array + type: object + pull-secret: + description: The configuration of Pull Secret trait + properties: + auto: + description: Automatically configures the platform registry + secret on the pod if it is of type `kubernetes.io/dockerconfigjson`. + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + imagePullerDelegation: + description: When using a global operator with a shared platform, + this enables delegation of the `system:image-puller` cluster + role on the operator namespace to the integration service + account. + type: boolean + secretName: + description: The pull secret name to set on the Pod. If left + empty this is automatically taken from the `IntegrationPlatform` + registry configuration. + type: string + type: object + quarkus: + description: The configuration of Quarkus trait + properties: + buildMode: + description: |- + The Quarkus mode to run: either `jvm` or `native` (default `jvm`). + In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created, + with the `native` kit having precedence over the `jvm` one once ready. + items: + description: QuarkusMode is the type of Quarkus build packaging. + enum: + - jvm + - native + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + nativeBaseImage: + description: The base image to use when running a native build + (default `quay.io/quarkus/quarkus-micro-image:2.0`) + type: string + nativeBuilderImage: + description: The image containing the tooling required for + a native build (by default it will use the one provided + in the runtime catalog) + type: string + packageTypes: + description: |- + The Quarkus package types, `fast-jar` or `native` (default `fast-jar`). + In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created, + with the native kit having precedence over the `fast-jar` one once ready. + The order influences the resolution of the current kit for the integration. + The kit corresponding to the first package type will be assigned to the + integration in case no existing kit that matches the integration exists. + Deprecated: use `build-mode` instead. + items: + description: |- + QuarkusPackageType is the type of Quarkus build packaging. + Deprecated: use `QuarkusMode` instead. + enum: + - fast-jar + - native + type: string + type: array + type: object + registry: + description: |- + The configuration of Registry trait (support removed since version 2.5.0). + Deprecated: use jvm trait or read documentation. + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + type: object + route: + description: The configuration of Route trait + properties: + annotations: + additionalProperties: + type: string + description: |- + The annotations added to route. + This can be used to set route specific annotations + For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations + CLI usage example: -t "route.annotations.'haproxy.router.openshift.io/balance'=true" + type: object + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + host: + description: To configure the host exposed by the route. + type: string + tlsCACertificate: + description: |- + The TLS CA certificate contents. + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsCACertificateSecret: + description: |- + The secret name and key reference to the TLS CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/". + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsCertificate: + description: |- + The TLS certificate contents. + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsCertificateSecret: + description: |- + The secret name and key reference to the TLS certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/". + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsDestinationCACertificate: + description: |- + The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt + termination this file should be provided in order to have routers use it for health checks on the secure connection. + If this field is not specified, the router may provide its own destination CA and perform hostname validation using + the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically + verify. + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsDestinationCACertificateSecret: + description: |- + The secret name and key reference to the destination CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/". + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsInsecureEdgeTerminationPolicy: + description: |- + To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic. + + + Refer to the OpenShift route documentation for additional information. + enum: + - None + - Allow + - Redirect + type: string + tlsKey: + description: |- + The TLS certificate key contents. + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsKeySecret: + description: |- + The secret name and key reference to the TLS certificate key. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/". + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsTermination: + description: |- + The TLS termination type, like `edge`, `passthrough` or `reencrypt`. + + + Refer to the OpenShift route documentation for additional information. + enum: + - edge + - reencrypt + - passthrough + type: string + type: object + security-context: + description: The configuration of Security Context trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + runAsNonRoot: + description: Security Context RunAsNonRoot configuration (default + false). + type: boolean + runAsUser: + description: 'Security Context RunAsUser configuration (default + none): this value is automatically retrieved in Openshift + clusters when not explicitly set.' + format: int64 + type: integer + seccompProfileType: + description: Security Context SeccompProfileType configuration + (default RuntimeDefault). + enum: + - Unconfined + - RuntimeDefault + type: string + type: object + service: + description: The configuration of Service trait + properties: + annotations: + additionalProperties: + type: string + description: The annotations added to the Service object. + type: object + auto: + description: To automatically detect from the code if a Service + needs to be created. + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + labels: + additionalProperties: + type: string + description: The labels added to the Service object. + type: object + nodePort: + description: |- + Enable Service to be exposed as NodePort (default `false`). + Deprecated: Use service type instead. + type: boolean + type: + description: The type of service to be used, either 'ClusterIP', + 'NodePort' or 'LoadBalancer'. + enum: + - ClusterIP + - NodePort + - LoadBalancer + type: string + type: object + service-binding: + description: The configuration of Service Binding trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + services: + description: List of Services in the form [[apigroup/]version:]kind:[namespace/]name + items: + type: string + type: array + type: object + strimzi: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + telemetry: + description: The configuration of Telemetry trait + properties: + auto: + description: Enables automatic configuration of the trait, + including automatic discovery of the telemetry endpoint. + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + endpoint: + description: The target endpoint of the Telemetry service + (automatically discovered by default) + type: string + sampler: + description: The sampler of the telemetry used for tracing + (default "on") + type: string + sampler-parent-based: + description: The sampler of the telemetry used for tracing + is parent based (default "true") + type: boolean + sampler-ratio: + description: The sampler ratio of the telemetry used for tracing + type: string + serviceName: + description: The name of the service that publishes telemetry + data (defaults to the integration name) + type: string + type: object + toleration: + description: The configuration of Toleration trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + taints: + description: The list of taints to tolerate, in the form `Key[=Value]:Effect[:Seconds]` + items: + type: string + type: array + type: object + tracing: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + type: object + version: + description: the Camel K operator version controlling this IntegrationPlatform + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/camel-k/2.5.0/manifests/integrationprofiles.camel.apache.org.crd.yaml b/operators/camel-k/2.5.0/manifests/integrationprofiles.camel.apache.org.crd.yaml new file mode 100644 index 00000000000..57aa25facf1 --- /dev/null +++ b/operators/camel-k/2.5.0/manifests/integrationprofiles.camel.apache.org.crd.yaml @@ -0,0 +1,4104 @@ +# --------------------------------------------------------------------------- +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# --------------------------------------------------------------------------- + +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + creationTimestamp: null + labels: + app: camel-k + name: integrationprofiles.camel.apache.org +spec: + group: camel.apache.org + names: + categories: + - kamel + - camel + kind: IntegrationProfile + listKind: IntegrationProfileList + plural: integrationprofiles + shortNames: + - ipr + singular: integrationprofile + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The integration profile phase + jsonPath: .status.phase + name: Phase + type: string + - description: The default runtime version + jsonPath: .status.build.runtimeVersion + name: Default runtime + type: string + name: v1 + schema: + openAPIV3Schema: + description: |- + IntegrationProfile is the resource used to apply user defined settings to the Camel K operator behavior. + It defines the behavior of all Custom Resources (`IntegrationKit`, `Integration`, `Kamelet`) in the given namespace. + Deprecated: may be removed in future releases. Make use of IntegrationPlatform instead. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: IntegrationProfileSpec applies user defined settings to the + IntegrationProfile. + properties: + build: + description: specify how to build the Integration/IntegrationKits + properties: + baseImage: + description: |- + a base image that can be used as base layer for all images. + It can be useful if you want to provide some custom base image with further utility software + type: string + maven: + description: Maven configuration used to build the Camel/Camel-Quarkus + applications + properties: + caSecrets: + description: |- + The Secrets name and key, containing the CA certificate(s) used to connect + to remote Maven repositories. + It can contain X.509 certificates, and PKCS#7 formatted certificate chains. + A JKS formatted keystore is automatically created to store the CA certificate(s), + and configured to be used as a trusted certificate(s) by the Maven commands. + Note that the root CA certificates are also imported into the created keystore. + items: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: array + cliOptions: + description: |- + The CLI options that are appended to the list of arguments for Maven commands, + e.g., `-V,--no-transfer-progress,-Dstyle.color=never`. + See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html. + items: + type: string + type: array + extension: + description: |- + The Maven build extensions. + See https://maven.apache.org/guides/mini/guide-using-extensions.html. + items: + description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier) + Maven artifact. + properties: + artifactId: + description: Maven Artifact + type: string + classifier: + description: Maven Classifier + type: string + groupId: + description: Maven Group + type: string + type: + description: Maven Type + type: string + version: + description: Maven Version + type: string + required: + - artifactId + - groupId + type: object + type: array + localRepository: + description: The path of the local Maven repository. + type: string + profiles: + description: |- + A reference to the ConfigMap or Secret key that contains + the Maven profile. + items: + description: ValueSource --. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: array + properties: + additionalProperties: + type: string + description: The Maven properties. + type: object + settings: + description: |- + A reference to the ConfigMap or Secret key that contains + the Maven settings. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + settingsSecurity: + description: |- + A reference to the ConfigMap or Secret key that contains + the security of the Maven settings. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: object + registry: + description: the image registry used to push/pull Integration + images + properties: + address: + description: the URI to access + type: string + ca: + description: the configmap which stores the Certificate Authority + type: string + insecure: + description: if the container registry is insecure (ie, http + only) + type: boolean + organization: + description: the registry organization + type: string + secret: + description: the secret where credentials are stored + type: string + type: object + runtimeProvider: + description: the runtime used. Likely Camel Quarkus (we used to + have main runtime which has been discontinued since version + 1.5) + type: string + runtimeVersion: + description: the Camel K Runtime dependency version + type: string + timeout: + description: how much time to wait before time out the pipeline + process + type: string + type: object + kamelet: + description: configuration to be executed to all Kamelets controlled + by this IntegrationProfile + properties: + repositories: + description: remote repository used to retrieve Kamelet catalog + items: + description: KameletRepositorySpec defines the location of the + Kamelet catalog to use. + properties: + uri: + description: the remote repository in the format github:ORG/REPO/PATH_TO_KAMELETS_FOLDER + type: string + type: object + type: array + type: object + traits: + description: list of traits to be executed for all the Integration/IntegrationKits + built from this IntegrationProfile + properties: + 3scale: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + addons: + additionalProperties: + description: AddonTrait represents the configuration of an addon + trait. + type: object + x-kubernetes-preserve-unknown-fields: true + description: The extension point with addon traits + type: object + affinity: + description: The configuration of Affinity trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + nodeAffinityLabels: + description: Defines a set of nodes the integration pod(s) + are eligible to be scheduled on, based on labels on the + node. + items: + type: string + type: array + podAffinity: + description: Always co-locates multiple replicas of the integration + in the same node (default `false`). + type: boolean + podAffinityLabels: + description: |- + Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the + integration pod(s) should be co-located with. + items: + type: string + type: array + podAntiAffinity: + description: Never co-locates multiple replicas of the integration + in the same node (default `false`). + type: boolean + podAntiAffinityLabels: + description: |- + Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the + integration pod(s) should not be co-located with. + items: + type: string + type: array + type: object + builder: + description: The configuration of Builder trait + properties: + annotations: + additionalProperties: + type: string + description: When using `pod` strategy, annotation to use + for the builder pod. + type: object + baseImage: + description: |- + Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK + installed and ready to use on path (ie `/usr/bin/java`). + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + incrementalImageBuild: + description: Use the incremental image build option, to reuse + existing containers (default `true`) + type: boolean + limitCPU: + description: |- + When using `pod` strategy, the maximum amount of CPU required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + limitMemory: + description: |- + When using `pod` strategy, the maximum amount of memory required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + mavenProfiles: + description: |- + A list of references pointing to configmaps/secrets that contains a maven profile. + This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit. + The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM. + Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml). + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: Defines a set of nodes the builder pod is eligible + to be scheduled on, based on labels on the node. + type: object + orderStrategy: + description: The build order strategy to use, either `dependencies`, + `fifo` or `sequential` (default is the platform default) + enum: + - dependencies + - fifo + - sequential + type: string + platforms: + description: The list of manifest platforms to use to build + a container image (default `linux/amd64`). + items: + type: string + type: array + properties: + description: A list of properties to be provided to the build + task + items: + type: string + type: array + requestCPU: + description: |- + When using `pod` strategy, the minimum amount of CPU required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + requestMemory: + description: |- + When using `pod` strategy, the minimum amount of memory required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + strategy: + description: The strategy to use, either `pod` or `routine` + (default `routine`) + enum: + - pod + - routine + type: string + tasks: + description: A list of tasks to be executed (available only + when using `pod` strategy) with format `;;`. + items: + type: string + type: array + tasksFilter: + description: |- + A list of tasks sorted by the order of execution in a csv format, ie, `,,...`. + Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`) + if you need to execute them. Useful only with `pod` strategy. + type: string + tasksLimitCPU: + description: A list of limit cpu configuration for the specific + task with format `:`. + items: + type: string + type: array + tasksLimitMemory: + description: A list of limit memory configuration for the + specific task with format `:`. + items: + type: string + type: array + tasksRequestCPU: + description: A list of request cpu configuration for the specific + task with format `:`. + items: + type: string + type: array + tasksRequestMemory: + description: A list of request memory configuration for the + specific task with format `:`. + items: + type: string + type: array + verbose: + description: |- + Enable verbose logging on build components that support it (e.g. Kaniko build pod). + Deprecated no longer in use + type: boolean + type: object + camel: + description: The configuration of Camel trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + properties: + description: A list of properties to be provided to the Integration + runtime + items: + type: string + type: array + runtimeVersion: + description: |- + The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform. + You can use a fixed version (for example "3.2.3") or a semantic version (for example "3.x") which will try to resolve + to the best matching Catalog existing on the cluster. + type: string + type: object + container: + description: The configuration of Container trait + properties: + allowPrivilegeEscalation: + description: Security Context AllowPrivilegeEscalation configuration + (default false). + type: boolean + auto: + description: To automatically enable the trait + type: boolean + capabilitiesAdd: + description: Security Context Capabilities Add configuration + (default none). + items: + description: Capability represent POSIX capabilities type + type: string + type: array + capabilitiesDrop: + description: Security Context Capabilities Drop configuration + (default ALL). + items: + description: Capability represent POSIX capabilities type + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + expose: + description: Can be used to enable/disable exposure via kubernetes + Service. + type: boolean + image: + description: |- + The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which + won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead + Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an "external" IntegrationKit. + type: string + imagePullPolicy: + description: 'The pull policy: Always|Never|IfNotPresent' + enum: + - Always + - Never + - IfNotPresent + type: string + limitCPU: + description: The maximum amount of CPU to be provided (default + 500 millicores). + type: string + limitMemory: + description: The maximum amount of memory to be provided (default + 512 Mi). + type: string + name: + description: The main container name. It's named `integration` + by default. + type: string + port: + description: To configure a different port exposed by the + container (default `8080`). + type: integer + portName: + description: To configure a different port name for the port + exposed by the container. It defaults to `http` only when + the `expose` parameter is true. + type: string + requestCPU: + description: The minimum amount of CPU required (default 125 + millicores). + type: string + requestMemory: + description: The minimum amount of memory required (default + 128 Mi). + type: string + runAsNonRoot: + description: Security Context RunAsNonRoot configuration (default + false). + type: boolean + runAsUser: + description: 'Security Context RunAsUser configuration (default + none): this value is automatically retrieved in Openshift + clusters when not explicitly set.' + format: int64 + type: integer + seccompProfileType: + description: Security Context SeccompProfileType configuration + (default RuntimeDefault). + enum: + - Unconfined + - RuntimeDefault + type: string + servicePort: + description: To configure under which service port the container + port is to be exposed (default `80`). + type: integer + servicePortName: + description: To configure under which service port name the + container port is to be exposed (default `http`). + type: string + type: object + cron: + description: The configuration of Cron trait + properties: + activeDeadlineSeconds: + description: |- + Specifies the duration in seconds, relative to the start time, that the job + may be continuously active before it is considered to be failed. + It defaults to 60s. + format: int64 + type: integer + auto: + description: |- + Automatically deploy the integration as CronJob when all routes are + either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer). + + + It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`, + while `35m` or `50s` cannot). + type: boolean + backoffLimit: + description: |- + Specifies the number of retries before marking the job failed. + It defaults to 2. + format: int32 + type: integer + components: + description: |- + A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes. + Supported components are currently: `cron`, `timer` and `quartz`. + type: string + concurrencyPolicy: + description: |- + Specifies how to treat concurrent executions of a Job. + Valid values are: + - "Allow": allows CronJobs to run concurrently; + - "Forbid" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet; + - "Replace": cancels currently running job and replaces it with a new one + enum: + - Allow + - Forbid + - Replace + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + fallback: + description: |- + Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration + as Kubernetes CronJob. + type: boolean + schedule: + description: |- + The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this + mechanism to work correctly. + type: string + startingDeadlineSeconds: + description: |- + Optional deadline in seconds for starting the job if it misses scheduled + time for any reason. Missed jobs executions will be counted as failed ones. + format: int64 + type: integer + timeZone: + description: The timezone that the CronJob will run on + type: string + type: object + dependencies: + description: The configuration of Dependencies trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + type: object + deployer: + description: The configuration of Deployer trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + kind: + description: Allows to explicitly select the desired deployment + kind between `deployment`, `cron-job` or `knative-service` + when creating the resources for running the integration. + enum: + - deployment + - cron-job + - knative-service + type: string + useSSA: + description: |- + Deprecated: won't be able to enforce client side update in the future. + Use server-side apply to update the owned resources (default `true`). + Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters. + type: boolean + type: object + deployment: + description: The configuration of Deployment trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + progressDeadlineSeconds: + description: |- + The maximum time in seconds for the deployment to make progress before it + is considered to be failed. It defaults to `60s`. + format: int32 + type: integer + rollingUpdateMaxSurge: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be scheduled above the desired number of + pods. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + This can not be 0 if MaxUnavailable is 0. + Absolute number is calculated from percentage by rounding up. + Defaults to `25%`. + x-kubernetes-int-or-string: true + rollingUpdateMaxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be unavailable during the update. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + Absolute number is calculated from percentage by rounding down. + This can not be 0 if MaxSurge is 0. + Defaults to `25%`. + x-kubernetes-int-or-string: true + strategy: + description: The deployment strategy to use to replace existing + pods with new ones. + enum: + - Recreate + - RollingUpdate + type: string + type: object + environment: + description: The configuration of Environment trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + containerMeta: + description: Enables injection of `NAMESPACE` and `POD_NAME` + environment variables (default `true`) + type: boolean + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + httpProxy: + description: Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and + `NO_PROXY` environment variables (default `true`) + type: boolean + vars: + description: |- + A list of environment variables to be added to the integration container. + The syntax is either VAR=VALUE or VAR=[configmap|secret]:name/key, where name represents the resource name, + and key represents the resource key to be mapped as and environment variable. + These take precedence over any previously defined environment variables. + items: + type: string + type: array + type: object + error-handler: + description: The configuration of Error Handler trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + ref: + description: The error handler ref name provided or found + in application properties + type: string + type: object + gc: + description: The configuration of GC trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + discoveryCache: + description: |- + Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`). + Deprecated: to be removed from trait configuration. + enum: + - disabled + - disk + - memory + type: string + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + type: object + health: + description: The configuration of Health trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + livenessFailureThreshold: + description: Minimum consecutive failures for the liveness + probe to be considered failed after having succeeded. + format: int32 + type: integer + livenessInitialDelay: + description: Number of seconds after the container has started + before the liveness probe is initiated. + format: int32 + type: integer + livenessPeriod: + description: How often to perform the liveness probe. + format: int32 + type: integer + livenessProbe: + description: The liveness probe path to use (default provided + by the Catalog runtime used). + type: string + livenessProbeEnabled: + description: Configures the liveness probe for the integration + container (default `false`). + type: boolean + livenessScheme: + description: Scheme to use when connecting to the liveness + probe (default `HTTP`). + type: string + livenessSuccessThreshold: + description: Minimum consecutive successes for the liveness + probe to be considered successful after having failed. + format: int32 + type: integer + livenessTimeout: + description: Number of seconds after which the liveness probe + times out. + format: int32 + type: integer + readinessFailureThreshold: + description: Minimum consecutive failures for the readiness + probe to be considered failed after having succeeded. + format: int32 + type: integer + readinessInitialDelay: + description: Number of seconds after the container has started + before the readiness probe is initiated. + format: int32 + type: integer + readinessPeriod: + description: How often to perform the readiness probe. + format: int32 + type: integer + readinessProbe: + description: The readiness probe path to use (default provided + by the Catalog runtime used). + type: string + readinessProbeEnabled: + description: Configures the readiness probe for the integration + container (default `true`). + type: boolean + readinessScheme: + description: Scheme to use when connecting to the readiness + probe (default `HTTP`). + type: string + readinessSuccessThreshold: + description: Minimum consecutive successes for the readiness + probe to be considered successful after having failed. + format: int32 + type: integer + readinessTimeout: + description: Number of seconds after which the readiness probe + times out. + format: int32 + type: integer + startupFailureThreshold: + description: Minimum consecutive failures for the startup + probe to be considered failed after having succeeded. + format: int32 + type: integer + startupInitialDelay: + description: Number of seconds after the container has started + before the startup probe is initiated. + format: int32 + type: integer + startupPeriod: + description: How often to perform the startup probe. + format: int32 + type: integer + startupProbe: + description: The startup probe path to use (default provided + by the Catalog runtime used). + type: string + startupProbeEnabled: + description: Configures the startup probe for the integration + container (default `false`). + type: boolean + startupScheme: + description: Scheme to use when connecting to the startup + probe (default `HTTP`). + type: string + startupSuccessThreshold: + description: Minimum consecutive successes for the startup + probe to be considered successful after having failed. + format: int32 + type: integer + startupTimeout: + description: Number of seconds after which the startup probe + times out. + format: int32 + type: integer + type: object + ingress: + description: The configuration of Ingress trait + properties: + annotations: + additionalProperties: + type: string + description: |- + The annotations added to the ingress. + This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller: + See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md + type: object + auto: + description: To automatically add an ingress whenever the + integration uses an HTTP endpoint consumer. + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + host: + description: To configure the host exposed by the ingress. + type: string + ingressClassName: + description: |- + The Ingress class name as defined by the Ingress spec + See https://kubernetes.io/docs/concepts/services-networking/ingress/ + type: string + path: + description: To configure the path exposed by the ingress + (default `/`). + type: string + pathType: + description: |- + To configure the path type exposed by the ingress. + One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`). + enum: + - Exact + - Prefix + - ImplementationSpecific + type: string + tlsHosts: + description: To configure tls hosts + items: + type: string + type: array + tlsSecretName: + description: To configure tls secret name + type: string + type: object + istio: + description: The configuration of Istio trait + properties: + allow: + description: Configures a (comma-separated) list of CIDR subnets + that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16` + by default). + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + inject: + description: Forces the value for labels `sidecar.istio.io/inject`. + By default the label is set to `true` on deployment and + not set on Knative Service. + type: boolean + type: object + jolokia: + description: The configuration of Jolokia trait + properties: + CACert: + description: |- + The PEM encoded CA certification file path, used to verify client certificates, + applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` + (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift). + type: string + clientPrincipal: + description: |- + The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint, + applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` + (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift). + items: + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + discoveryEnabled: + description: Listen for multicast requests (default `false`) + type: boolean + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + extendedClientCheck: + description: |- + Mandate the client certificate contains a client flag in the extended key usage section, + applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` + (default `true` for OpenShift). + type: boolean + host: + description: |- + The Host address to which the Jolokia agent should bind to. If `"\*"` or `"0.0.0.0"` is given, + the servers binds to every network interface (default `"*"`). + type: string + options: + description: |- + A list of additional Jolokia options as defined + in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options] + items: + type: string + type: array + password: + description: The password used for authentication, applicable + when the `user` option is set. + type: string + port: + description: The Jolokia endpoint port (default `8778`). + type: integer + protocol: + description: The protocol to use, either `http` or `https` + (default `https` for OpenShift) + type: string + useSSLClientAuthentication: + description: Whether client certificates should be used for + authentication (default `true` for OpenShift). + type: boolean + user: + description: The user to be used for authentication + type: string + type: object + jvm: + description: The configuration of JVM trait + properties: + classpath: + description: Additional JVM classpath (use `Linux` classpath + separator) + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + debug: + description: Activates remote debugging, so that a debugger + can be attached to the JVM, e.g., using port-forwarding + type: boolean + debugAddress: + description: Transport address at which to listen for the + newly launched JVM (default `*:5005`) + type: string + debugSuspend: + description: Suspends the target JVM immediately before the + main class is loaded + type: boolean + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + jar: + description: The Jar dependency which will run the application. + Leave it empty for managed Integrations. + type: string + options: + description: A list of JVM options + items: + type: string + type: array + printCommand: + description: |- + Prints the command used the start the JVM in the container logs (default `true`) + Deprecated: no longer in use. + type: boolean + type: object + kamelets: + description: The configuration of Kamelets trait + properties: + auto: + description: Automatically inject all referenced Kamelets + and their default configuration (enabled by default) + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + list: + description: Comma separated list of Kamelet names to load + into the current integration + type: string + mountPoint: + description: The directory where the application mounts and + reads Kamelet spec (default `/etc/camel/kamelets`) + type: string + type: object + keda: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + knative: + description: The configuration of Knative trait + properties: + auto: + description: Enable automatic discovery of all trait properties. + type: boolean + channelSinks: + description: |- + List of channels used as destination of integration routes. + Can contain simple channel names or full Camel URIs. + items: + type: string + type: array + channelSources: + description: |- + List of channels used as source of integration routes. + Can contain simple channel names or full Camel URIs. + items: + type: string + type: array + config: + description: Can be used to inject a Knative complete configuration + in JSON format. + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + endpointSinks: + description: |- + List of endpoints used as destination of integration routes. + Can contain simple endpoint names or full Camel URIs. + items: + type: string + type: array + endpointSources: + description: List of channels used as source of integration + routes. + items: + type: string + type: array + eventSinks: + description: |- + List of event types that the integration will produce. + Can contain simple event types or full Camel URIs (to use a specific broker). + items: + type: string + type: array + eventSources: + description: |- + List of event types that the integration will be subscribed to. + Can contain simple event types or full Camel URIs (to use a specific broker different from "default"). + items: + type: string + type: array + filterEventType: + description: |- + Enables the default filtering for the Knative trigger using the event type + If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true) + type: boolean + filterSourceChannels: + description: |- + Enables filtering on events based on the header "ce-knativehistory". Since this header has been removed in newer versions of + Knative, filtering is disabled by default. + type: boolean + filters: + description: |- + Sets filter attributes on the event stream (such as event type, source, subject and so on). + A list of key-value pairs that represent filter attributes and its values. + The syntax is KEY=VALUE, e.g., `source="my.source"`. + Filter attributes get set on the Knative trigger that is being created as part of this integration. + items: + type: string + type: array + namespaceLabel: + description: |- + Enables the camel-k-operator to set the "bindings.knative.dev/include=true" label to the namespace + As Knative requires this label to perform injection of K_SINK URL into the service. + If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true) + type: boolean + sinkBinding: + description: |- + Allows binding the integration to a sink via a Knative SinkBinding resource. + This can be used when the integration targets a single sink. + It's enabled by default when the integration targets a single sink + (except when the integration is owned by a Knative source). + type: boolean + type: object + knative-service: + description: The configuration of Knative Service trait + properties: + annotations: + additionalProperties: + type: string + description: |- + The annotations added to route. + This can be used to set knative service specific annotations + CLI usage example: -t "knative-service.annotations.'haproxy.router.openshift.io/balance'=true" + type: object + auto: + description: |- + Automatically deploy the integration as Knative service when all conditions hold: + + + * Integration is using the Knative profile + * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer) + type: boolean + autoscalingMetric: + description: |- + Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling). + + + Refer to the Knative documentation for more information. + type: string + autoscalingTarget: + description: |- + Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod. + + + Refer to the Knative documentation for more information. + type: integer + class: + description: |- + Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling). + + + Refer to the Knative documentation for more information. + enum: + - kpa.autoscaling.knative.dev + - hpa.autoscaling.knative.dev + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + maxScale: + description: |- + An upper bound for the number of Pods that can be running in parallel for the integration. + Knative has its own cap value that depends on the installation. + + + Refer to the Knative documentation for more information. + type: integer + minScale: + description: |- + The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that + the integration is scaled down to zero when not used for a configured amount of time. + + + Refer to the Knative documentation for more information. + type: integer + rolloutDuration: + description: |- + Enables to gradually shift traffic to the latest Revision and sets the rollout duration. + It's disabled by default and must be expressed as a Golang `time.Duration` string representation, + rounded to a second precision. + type: string + timeoutSeconds: + description: |- + The maximum duration in seconds that the request instance is allowed to respond to a request. + This field propagates to the integration pod's terminationGracePeriodSeconds + + + Refer to the Knative documentation for more information. + format: int64 + type: integer + visibility: + description: |- + Setting `cluster-local`, Knative service becomes a private service. + Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service. + + + Refer to the Knative documentation for more information. + enum: + - cluster-local + type: string + type: object + logging: + description: The configuration of Logging trait + properties: + color: + description: Colorize the log output + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + format: + description: Logs message format + type: string + json: + description: Output the logs in JSON + type: boolean + jsonPrettyPrint: + description: Enable "pretty printing" of the JSON logs + type: boolean + level: + description: Adjust the logging level (defaults to `INFO`) + enum: + - FATAL + - WARN + - INFO + - DEBUG + - TRACE + type: string + type: object + master: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + mount: + description: The configuration of Mount trait + properties: + configs: + description: |- + A list of configuration pointing to configmap/secret. + The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files. + They are also made available on the classpath in order to ease their usage directly from the Route. + Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered + items: + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + emptyDirs: + description: |- + A list of EmptyDir volumes to be mounted. An optional size limit may be configured (default 500Mi). + Syntax: name:/container/path[:sizeLimit] + items: + type: string + type: array + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + hotReload: + description: |- + Enable "hot reload" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be + marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for + changes in metadata. + type: boolean + resources: + description: |- + A list of resources (text or binary content) pointing to configmap/secret. + The resources are expected to be any resource type (text or binary content). + The destination path can be either a default location or any path specified by the user. + Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path + items: + type: string + type: array + scanKameletsImplicitLabelSecrets: + description: 'Deprecated: no longer available since version + 2.5.' + type: boolean + volumes: + description: |- + A list of Persistent Volume Claims to be mounted. Syntax: [pvcname:/container/path]. If the PVC is not found, the Integration fails. + You can use the syntax [pvcname:/container/path:size:accessMode<:storageClass>] to create a dynamic PVC based on the Storage Class provided + or the default cluster Storage Class. However, if the PVC exists, the operator would mount it. + items: + type: string + type: array + type: object + openapi: + description: The configuration of OpenAPI trait + properties: + configmaps: + description: The configmaps holding the spec of the OpenAPI + (compatible with > 3.0 spec only). + items: + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + type: object + owner: + description: The configuration of Owner trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + targetAnnotations: + description: The set of annotations to be transferred + items: + type: string + type: array + targetLabels: + description: The set of labels to be transferred + items: + type: string + type: array + type: object + pdb: + description: The configuration of PDB trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + maxUnavailable: + description: |- + The number of pods for the Integration that can be unavailable after an eviction. + It can be either an absolute number or a percentage (default `1` if `min-available` is also not set). + Only one of `max-unavailable` and `min-available` can be specified. + type: string + minAvailable: + description: |- + The number of pods for the Integration that must still be available after an eviction. + It can be either an absolute number or a percentage. + Only one of `min-available` and `max-unavailable` can be specified. + type: string + type: object + platform: + description: The configuration of Platform trait + properties: + auto: + description: |- + To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set). + Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + createDefault: + description: |- + To create a default (empty) platform when the platform is missing. + Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility + type: boolean + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + global: + description: |- + Indicates if the platform should be created globally in the case of global operator (default true). + Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility + type: boolean + type: object + pod: + description: The configuration of Pod trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + type: object + prometheus: + description: The configuration of Prometheus trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + podMonitor: + description: Whether a `PodMonitor` resource is created (default + `true`). + type: boolean + podMonitorLabels: + description: The `PodMonitor` resource labels, applicable + when `pod-monitor` is `true`. + items: + type: string + type: array + type: object + pull-secret: + description: The configuration of Pull Secret trait + properties: + auto: + description: Automatically configures the platform registry + secret on the pod if it is of type `kubernetes.io/dockerconfigjson`. + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + imagePullerDelegation: + description: When using a global operator with a shared platform, + this enables delegation of the `system:image-puller` cluster + role on the operator namespace to the integration service + account. + type: boolean + secretName: + description: The pull secret name to set on the Pod. If left + empty this is automatically taken from the `IntegrationPlatform` + registry configuration. + type: string + type: object + quarkus: + description: The configuration of Quarkus trait + properties: + buildMode: + description: |- + The Quarkus mode to run: either `jvm` or `native` (default `jvm`). + In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created, + with the `native` kit having precedence over the `jvm` one once ready. + items: + description: QuarkusMode is the type of Quarkus build packaging. + enum: + - jvm + - native + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + nativeBaseImage: + description: The base image to use when running a native build + (default `quay.io/quarkus/quarkus-micro-image:2.0`) + type: string + nativeBuilderImage: + description: The image containing the tooling required for + a native build (by default it will use the one provided + in the runtime catalog) + type: string + packageTypes: + description: |- + The Quarkus package types, `fast-jar` or `native` (default `fast-jar`). + In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created, + with the native kit having precedence over the `fast-jar` one once ready. + The order influences the resolution of the current kit for the integration. + The kit corresponding to the first package type will be assigned to the + integration in case no existing kit that matches the integration exists. + Deprecated: use `build-mode` instead. + items: + description: |- + QuarkusPackageType is the type of Quarkus build packaging. + Deprecated: use `QuarkusMode` instead. + enum: + - fast-jar + - native + type: string + type: array + type: object + registry: + description: |- + The configuration of Registry trait (support removed since version 2.5.0). + Deprecated: use jvm trait or read documentation. + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + type: object + route: + description: The configuration of Route trait + properties: + annotations: + additionalProperties: + type: string + description: |- + The annotations added to route. + This can be used to set route specific annotations + For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations + CLI usage example: -t "route.annotations.'haproxy.router.openshift.io/balance'=true" + type: object + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + host: + description: To configure the host exposed by the route. + type: string + tlsCACertificate: + description: |- + The TLS CA certificate contents. + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsCACertificateSecret: + description: |- + The secret name and key reference to the TLS CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/". + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsCertificate: + description: |- + The TLS certificate contents. + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsCertificateSecret: + description: |- + The secret name and key reference to the TLS certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/". + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsDestinationCACertificate: + description: |- + The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt + termination this file should be provided in order to have routers use it for health checks on the secure connection. + If this field is not specified, the router may provide its own destination CA and perform hostname validation using + the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically + verify. + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsDestinationCACertificateSecret: + description: |- + The secret name and key reference to the destination CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/". + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsInsecureEdgeTerminationPolicy: + description: |- + To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic. + + + Refer to the OpenShift route documentation for additional information. + enum: + - None + - Allow + - Redirect + type: string + tlsKey: + description: |- + The TLS certificate key contents. + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsKeySecret: + description: |- + The secret name and key reference to the TLS certificate key. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/". + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsTermination: + description: |- + The TLS termination type, like `edge`, `passthrough` or `reencrypt`. + + + Refer to the OpenShift route documentation for additional information. + enum: + - edge + - reencrypt + - passthrough + type: string + type: object + security-context: + description: The configuration of Security Context trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + runAsNonRoot: + description: Security Context RunAsNonRoot configuration (default + false). + type: boolean + runAsUser: + description: 'Security Context RunAsUser configuration (default + none): this value is automatically retrieved in Openshift + clusters when not explicitly set.' + format: int64 + type: integer + seccompProfileType: + description: Security Context SeccompProfileType configuration + (default RuntimeDefault). + enum: + - Unconfined + - RuntimeDefault + type: string + type: object + service: + description: The configuration of Service trait + properties: + annotations: + additionalProperties: + type: string + description: The annotations added to the Service object. + type: object + auto: + description: To automatically detect from the code if a Service + needs to be created. + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + labels: + additionalProperties: + type: string + description: The labels added to the Service object. + type: object + nodePort: + description: |- + Enable Service to be exposed as NodePort (default `false`). + Deprecated: Use service type instead. + type: boolean + type: + description: The type of service to be used, either 'ClusterIP', + 'NodePort' or 'LoadBalancer'. + enum: + - ClusterIP + - NodePort + - LoadBalancer + type: string + type: object + service-binding: + description: The configuration of Service Binding trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + services: + description: List of Services in the form [[apigroup/]version:]kind:[namespace/]name + items: + type: string + type: array + type: object + strimzi: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + telemetry: + description: The configuration of Telemetry trait + properties: + auto: + description: Enables automatic configuration of the trait, + including automatic discovery of the telemetry endpoint. + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + endpoint: + description: The target endpoint of the Telemetry service + (automatically discovered by default) + type: string + sampler: + description: The sampler of the telemetry used for tracing + (default "on") + type: string + sampler-parent-based: + description: The sampler of the telemetry used for tracing + is parent based (default "true") + type: boolean + sampler-ratio: + description: The sampler ratio of the telemetry used for tracing + type: string + serviceName: + description: The name of the service that publishes telemetry + data (defaults to the integration name) + type: string + type: object + toleration: + description: The configuration of Toleration trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + taints: + description: The list of taints to tolerate, in the form `Key[=Value]:Effect[:Seconds]` + items: + type: string + type: array + type: object + tracing: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + type: object + type: object + status: + description: IntegrationProfileStatus defines the observed state of IntegrationProfile. + properties: + build: + description: specify how to build the Integration/IntegrationKits + properties: + baseImage: + description: |- + a base image that can be used as base layer for all images. + It can be useful if you want to provide some custom base image with further utility software + type: string + maven: + description: Maven configuration used to build the Camel/Camel-Quarkus + applications + properties: + caSecrets: + description: |- + The Secrets name and key, containing the CA certificate(s) used to connect + to remote Maven repositories. + It can contain X.509 certificates, and PKCS#7 formatted certificate chains. + A JKS formatted keystore is automatically created to store the CA certificate(s), + and configured to be used as a trusted certificate(s) by the Maven commands. + Note that the root CA certificates are also imported into the created keystore. + items: + description: SecretKeySelector selects a key of a Secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: array + cliOptions: + description: |- + The CLI options that are appended to the list of arguments for Maven commands, + e.g., `-V,--no-transfer-progress,-Dstyle.color=never`. + See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html. + items: + type: string + type: array + extension: + description: |- + The Maven build extensions. + See https://maven.apache.org/guides/mini/guide-using-extensions.html. + items: + description: MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier) + Maven artifact. + properties: + artifactId: + description: Maven Artifact + type: string + classifier: + description: Maven Classifier + type: string + groupId: + description: Maven Group + type: string + type: + description: Maven Type + type: string + version: + description: Maven Version + type: string + required: + - artifactId + - groupId + type: object + type: array + localRepository: + description: The path of the local Maven repository. + type: string + profiles: + description: |- + A reference to the ConfigMap or Secret key that contains + the Maven profile. + items: + description: ValueSource --. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: array + properties: + additionalProperties: + type: string + description: The Maven properties. + type: object + settings: + description: |- + A reference to the ConfigMap or Secret key that contains + the Maven settings. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + settingsSecurity: + description: |- + A reference to the ConfigMap or Secret key that contains + the security of the Maven settings. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + type: object + registry: + description: the image registry used to push/pull Integration + images + properties: + address: + description: the URI to access + type: string + ca: + description: the configmap which stores the Certificate Authority + type: string + insecure: + description: if the container registry is insecure (ie, http + only) + type: boolean + organization: + description: the registry organization + type: string + secret: + description: the secret where credentials are stored + type: string + type: object + runtimeProvider: + description: the runtime used. Likely Camel Quarkus (we used to + have main runtime which has been discontinued since version + 1.5) + type: string + runtimeVersion: + description: the Camel K Runtime dependency version + type: string + timeout: + description: how much time to wait before time out the pipeline + process + type: string + type: object + conditions: + description: which are the conditions met (particularly useful when + in ERROR phase) + items: + description: IntegrationProfileCondition describes the state of + a resource at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + lastUpdateTime: + description: The last time this condition was updated. + format: date-time + type: string + message: + description: A human-readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of integration condition. + type: string + required: + - status + - type + type: object + type: array + kamelet: + description: configuration to be executed to all Kamelets controlled + by this IntegrationProfile + properties: + repositories: + description: remote repository used to retrieve Kamelet catalog + items: + description: KameletRepositorySpec defines the location of the + Kamelet catalog to use. + properties: + uri: + description: the remote repository in the format github:ORG/REPO/PATH_TO_KAMELETS_FOLDER + type: string + type: object + type: array + type: object + observedGeneration: + description: ObservedGeneration is the most recent generation observed + for this IntegrationProfile. + format: int64 + type: integer + phase: + description: defines in what phase the IntegrationProfile is found + type: string + traits: + description: list of traits to be executed for all the Integration/IntegrationKits + built from this IntegrationProfile + properties: + 3scale: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + addons: + additionalProperties: + description: AddonTrait represents the configuration of an addon + trait. + type: object + x-kubernetes-preserve-unknown-fields: true + description: The extension point with addon traits + type: object + affinity: + description: The configuration of Affinity trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + nodeAffinityLabels: + description: Defines a set of nodes the integration pod(s) + are eligible to be scheduled on, based on labels on the + node. + items: + type: string + type: array + podAffinity: + description: Always co-locates multiple replicas of the integration + in the same node (default `false`). + type: boolean + podAffinityLabels: + description: |- + Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the + integration pod(s) should be co-located with. + items: + type: string + type: array + podAntiAffinity: + description: Never co-locates multiple replicas of the integration + in the same node (default `false`). + type: boolean + podAntiAffinityLabels: + description: |- + Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the + integration pod(s) should not be co-located with. + items: + type: string + type: array + type: object + builder: + description: The configuration of Builder trait + properties: + annotations: + additionalProperties: + type: string + description: When using `pod` strategy, annotation to use + for the builder pod. + type: object + baseImage: + description: |- + Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK + installed and ready to use on path (ie `/usr/bin/java`). + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + incrementalImageBuild: + description: Use the incremental image build option, to reuse + existing containers (default `true`) + type: boolean + limitCPU: + description: |- + When using `pod` strategy, the maximum amount of CPU required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + limitMemory: + description: |- + When using `pod` strategy, the maximum amount of memory required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + mavenProfiles: + description: |- + A list of references pointing to configmaps/secrets that contains a maven profile. + This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit. + The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM. + Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml). + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: Defines a set of nodes the builder pod is eligible + to be scheduled on, based on labels on the node. + type: object + orderStrategy: + description: The build order strategy to use, either `dependencies`, + `fifo` or `sequential` (default is the platform default) + enum: + - dependencies + - fifo + - sequential + type: string + platforms: + description: The list of manifest platforms to use to build + a container image (default `linux/amd64`). + items: + type: string + type: array + properties: + description: A list of properties to be provided to the build + task + items: + type: string + type: array + requestCPU: + description: |- + When using `pod` strategy, the minimum amount of CPU required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + requestMemory: + description: |- + When using `pod` strategy, the minimum amount of memory required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + strategy: + description: The strategy to use, either `pod` or `routine` + (default `routine`) + enum: + - pod + - routine + type: string + tasks: + description: A list of tasks to be executed (available only + when using `pod` strategy) with format `;;`. + items: + type: string + type: array + tasksFilter: + description: |- + A list of tasks sorted by the order of execution in a csv format, ie, `,,...`. + Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`) + if you need to execute them. Useful only with `pod` strategy. + type: string + tasksLimitCPU: + description: A list of limit cpu configuration for the specific + task with format `:`. + items: + type: string + type: array + tasksLimitMemory: + description: A list of limit memory configuration for the + specific task with format `:`. + items: + type: string + type: array + tasksRequestCPU: + description: A list of request cpu configuration for the specific + task with format `:`. + items: + type: string + type: array + tasksRequestMemory: + description: A list of request memory configuration for the + specific task with format `:`. + items: + type: string + type: array + verbose: + description: |- + Enable verbose logging on build components that support it (e.g. Kaniko build pod). + Deprecated no longer in use + type: boolean + type: object + camel: + description: The configuration of Camel trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + properties: + description: A list of properties to be provided to the Integration + runtime + items: + type: string + type: array + runtimeVersion: + description: |- + The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform. + You can use a fixed version (for example "3.2.3") or a semantic version (for example "3.x") which will try to resolve + to the best matching Catalog existing on the cluster. + type: string + type: object + container: + description: The configuration of Container trait + properties: + allowPrivilegeEscalation: + description: Security Context AllowPrivilegeEscalation configuration + (default false). + type: boolean + auto: + description: To automatically enable the trait + type: boolean + capabilitiesAdd: + description: Security Context Capabilities Add configuration + (default none). + items: + description: Capability represent POSIX capabilities type + type: string + type: array + capabilitiesDrop: + description: Security Context Capabilities Drop configuration + (default ALL). + items: + description: Capability represent POSIX capabilities type + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + expose: + description: Can be used to enable/disable exposure via kubernetes + Service. + type: boolean + image: + description: |- + The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which + won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead + Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an "external" IntegrationKit. + type: string + imagePullPolicy: + description: 'The pull policy: Always|Never|IfNotPresent' + enum: + - Always + - Never + - IfNotPresent + type: string + limitCPU: + description: The maximum amount of CPU to be provided (default + 500 millicores). + type: string + limitMemory: + description: The maximum amount of memory to be provided (default + 512 Mi). + type: string + name: + description: The main container name. It's named `integration` + by default. + type: string + port: + description: To configure a different port exposed by the + container (default `8080`). + type: integer + portName: + description: To configure a different port name for the port + exposed by the container. It defaults to `http` only when + the `expose` parameter is true. + type: string + requestCPU: + description: The minimum amount of CPU required (default 125 + millicores). + type: string + requestMemory: + description: The minimum amount of memory required (default + 128 Mi). + type: string + runAsNonRoot: + description: Security Context RunAsNonRoot configuration (default + false). + type: boolean + runAsUser: + description: 'Security Context RunAsUser configuration (default + none): this value is automatically retrieved in Openshift + clusters when not explicitly set.' + format: int64 + type: integer + seccompProfileType: + description: Security Context SeccompProfileType configuration + (default RuntimeDefault). + enum: + - Unconfined + - RuntimeDefault + type: string + servicePort: + description: To configure under which service port the container + port is to be exposed (default `80`). + type: integer + servicePortName: + description: To configure under which service port name the + container port is to be exposed (default `http`). + type: string + type: object + cron: + description: The configuration of Cron trait + properties: + activeDeadlineSeconds: + description: |- + Specifies the duration in seconds, relative to the start time, that the job + may be continuously active before it is considered to be failed. + It defaults to 60s. + format: int64 + type: integer + auto: + description: |- + Automatically deploy the integration as CronJob when all routes are + either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer). + + + It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`, + while `35m` or `50s` cannot). + type: boolean + backoffLimit: + description: |- + Specifies the number of retries before marking the job failed. + It defaults to 2. + format: int32 + type: integer + components: + description: |- + A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes. + Supported components are currently: `cron`, `timer` and `quartz`. + type: string + concurrencyPolicy: + description: |- + Specifies how to treat concurrent executions of a Job. + Valid values are: + - "Allow": allows CronJobs to run concurrently; + - "Forbid" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet; + - "Replace": cancels currently running job and replaces it with a new one + enum: + - Allow + - Forbid + - Replace + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + fallback: + description: |- + Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration + as Kubernetes CronJob. + type: boolean + schedule: + description: |- + The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this + mechanism to work correctly. + type: string + startingDeadlineSeconds: + description: |- + Optional deadline in seconds for starting the job if it misses scheduled + time for any reason. Missed jobs executions will be counted as failed ones. + format: int64 + type: integer + timeZone: + description: The timezone that the CronJob will run on + type: string + type: object + dependencies: + description: The configuration of Dependencies trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + type: object + deployer: + description: The configuration of Deployer trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + kind: + description: Allows to explicitly select the desired deployment + kind between `deployment`, `cron-job` or `knative-service` + when creating the resources for running the integration. + enum: + - deployment + - cron-job + - knative-service + type: string + useSSA: + description: |- + Deprecated: won't be able to enforce client side update in the future. + Use server-side apply to update the owned resources (default `true`). + Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters. + type: boolean + type: object + deployment: + description: The configuration of Deployment trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + progressDeadlineSeconds: + description: |- + The maximum time in seconds for the deployment to make progress before it + is considered to be failed. It defaults to `60s`. + format: int32 + type: integer + rollingUpdateMaxSurge: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be scheduled above the desired number of + pods. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + This can not be 0 if MaxUnavailable is 0. + Absolute number is calculated from percentage by rounding up. + Defaults to `25%`. + x-kubernetes-int-or-string: true + rollingUpdateMaxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be unavailable during the update. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + Absolute number is calculated from percentage by rounding down. + This can not be 0 if MaxSurge is 0. + Defaults to `25%`. + x-kubernetes-int-or-string: true + strategy: + description: The deployment strategy to use to replace existing + pods with new ones. + enum: + - Recreate + - RollingUpdate + type: string + type: object + environment: + description: The configuration of Environment trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + containerMeta: + description: Enables injection of `NAMESPACE` and `POD_NAME` + environment variables (default `true`) + type: boolean + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + httpProxy: + description: Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and + `NO_PROXY` environment variables (default `true`) + type: boolean + vars: + description: |- + A list of environment variables to be added to the integration container. + The syntax is either VAR=VALUE or VAR=[configmap|secret]:name/key, where name represents the resource name, + and key represents the resource key to be mapped as and environment variable. + These take precedence over any previously defined environment variables. + items: + type: string + type: array + type: object + error-handler: + description: The configuration of Error Handler trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + ref: + description: The error handler ref name provided or found + in application properties + type: string + type: object + gc: + description: The configuration of GC trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + discoveryCache: + description: |- + Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`). + Deprecated: to be removed from trait configuration. + enum: + - disabled + - disk + - memory + type: string + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + type: object + health: + description: The configuration of Health trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + livenessFailureThreshold: + description: Minimum consecutive failures for the liveness + probe to be considered failed after having succeeded. + format: int32 + type: integer + livenessInitialDelay: + description: Number of seconds after the container has started + before the liveness probe is initiated. + format: int32 + type: integer + livenessPeriod: + description: How often to perform the liveness probe. + format: int32 + type: integer + livenessProbe: + description: The liveness probe path to use (default provided + by the Catalog runtime used). + type: string + livenessProbeEnabled: + description: Configures the liveness probe for the integration + container (default `false`). + type: boolean + livenessScheme: + description: Scheme to use when connecting to the liveness + probe (default `HTTP`). + type: string + livenessSuccessThreshold: + description: Minimum consecutive successes for the liveness + probe to be considered successful after having failed. + format: int32 + type: integer + livenessTimeout: + description: Number of seconds after which the liveness probe + times out. + format: int32 + type: integer + readinessFailureThreshold: + description: Minimum consecutive failures for the readiness + probe to be considered failed after having succeeded. + format: int32 + type: integer + readinessInitialDelay: + description: Number of seconds after the container has started + before the readiness probe is initiated. + format: int32 + type: integer + readinessPeriod: + description: How often to perform the readiness probe. + format: int32 + type: integer + readinessProbe: + description: The readiness probe path to use (default provided + by the Catalog runtime used). + type: string + readinessProbeEnabled: + description: Configures the readiness probe for the integration + container (default `true`). + type: boolean + readinessScheme: + description: Scheme to use when connecting to the readiness + probe (default `HTTP`). + type: string + readinessSuccessThreshold: + description: Minimum consecutive successes for the readiness + probe to be considered successful after having failed. + format: int32 + type: integer + readinessTimeout: + description: Number of seconds after which the readiness probe + times out. + format: int32 + type: integer + startupFailureThreshold: + description: Minimum consecutive failures for the startup + probe to be considered failed after having succeeded. + format: int32 + type: integer + startupInitialDelay: + description: Number of seconds after the container has started + before the startup probe is initiated. + format: int32 + type: integer + startupPeriod: + description: How often to perform the startup probe. + format: int32 + type: integer + startupProbe: + description: The startup probe path to use (default provided + by the Catalog runtime used). + type: string + startupProbeEnabled: + description: Configures the startup probe for the integration + container (default `false`). + type: boolean + startupScheme: + description: Scheme to use when connecting to the startup + probe (default `HTTP`). + type: string + startupSuccessThreshold: + description: Minimum consecutive successes for the startup + probe to be considered successful after having failed. + format: int32 + type: integer + startupTimeout: + description: Number of seconds after which the startup probe + times out. + format: int32 + type: integer + type: object + ingress: + description: The configuration of Ingress trait + properties: + annotations: + additionalProperties: + type: string + description: |- + The annotations added to the ingress. + This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller: + See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md + type: object + auto: + description: To automatically add an ingress whenever the + integration uses an HTTP endpoint consumer. + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + host: + description: To configure the host exposed by the ingress. + type: string + ingressClassName: + description: |- + The Ingress class name as defined by the Ingress spec + See https://kubernetes.io/docs/concepts/services-networking/ingress/ + type: string + path: + description: To configure the path exposed by the ingress + (default `/`). + type: string + pathType: + description: |- + To configure the path type exposed by the ingress. + One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`). + enum: + - Exact + - Prefix + - ImplementationSpecific + type: string + tlsHosts: + description: To configure tls hosts + items: + type: string + type: array + tlsSecretName: + description: To configure tls secret name + type: string + type: object + istio: + description: The configuration of Istio trait + properties: + allow: + description: Configures a (comma-separated) list of CIDR subnets + that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16` + by default). + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + inject: + description: Forces the value for labels `sidecar.istio.io/inject`. + By default the label is set to `true` on deployment and + not set on Knative Service. + type: boolean + type: object + jolokia: + description: The configuration of Jolokia trait + properties: + CACert: + description: |- + The PEM encoded CA certification file path, used to verify client certificates, + applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` + (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift). + type: string + clientPrincipal: + description: |- + The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint, + applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` + (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift). + items: + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + discoveryEnabled: + description: Listen for multicast requests (default `false`) + type: boolean + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + extendedClientCheck: + description: |- + Mandate the client certificate contains a client flag in the extended key usage section, + applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` + (default `true` for OpenShift). + type: boolean + host: + description: |- + The Host address to which the Jolokia agent should bind to. If `"\*"` or `"0.0.0.0"` is given, + the servers binds to every network interface (default `"*"`). + type: string + options: + description: |- + A list of additional Jolokia options as defined + in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options] + items: + type: string + type: array + password: + description: The password used for authentication, applicable + when the `user` option is set. + type: string + port: + description: The Jolokia endpoint port (default `8778`). + type: integer + protocol: + description: The protocol to use, either `http` or `https` + (default `https` for OpenShift) + type: string + useSSLClientAuthentication: + description: Whether client certificates should be used for + authentication (default `true` for OpenShift). + type: boolean + user: + description: The user to be used for authentication + type: string + type: object + jvm: + description: The configuration of JVM trait + properties: + classpath: + description: Additional JVM classpath (use `Linux` classpath + separator) + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + debug: + description: Activates remote debugging, so that a debugger + can be attached to the JVM, e.g., using port-forwarding + type: boolean + debugAddress: + description: Transport address at which to listen for the + newly launched JVM (default `*:5005`) + type: string + debugSuspend: + description: Suspends the target JVM immediately before the + main class is loaded + type: boolean + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + jar: + description: The Jar dependency which will run the application. + Leave it empty for managed Integrations. + type: string + options: + description: A list of JVM options + items: + type: string + type: array + printCommand: + description: |- + Prints the command used the start the JVM in the container logs (default `true`) + Deprecated: no longer in use. + type: boolean + type: object + kamelets: + description: The configuration of Kamelets trait + properties: + auto: + description: Automatically inject all referenced Kamelets + and their default configuration (enabled by default) + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + list: + description: Comma separated list of Kamelet names to load + into the current integration + type: string + mountPoint: + description: The directory where the application mounts and + reads Kamelet spec (default `/etc/camel/kamelets`) + type: string + type: object + keda: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + knative: + description: The configuration of Knative trait + properties: + auto: + description: Enable automatic discovery of all trait properties. + type: boolean + channelSinks: + description: |- + List of channels used as destination of integration routes. + Can contain simple channel names or full Camel URIs. + items: + type: string + type: array + channelSources: + description: |- + List of channels used as source of integration routes. + Can contain simple channel names or full Camel URIs. + items: + type: string + type: array + config: + description: Can be used to inject a Knative complete configuration + in JSON format. + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + endpointSinks: + description: |- + List of endpoints used as destination of integration routes. + Can contain simple endpoint names or full Camel URIs. + items: + type: string + type: array + endpointSources: + description: List of channels used as source of integration + routes. + items: + type: string + type: array + eventSinks: + description: |- + List of event types that the integration will produce. + Can contain simple event types or full Camel URIs (to use a specific broker). + items: + type: string + type: array + eventSources: + description: |- + List of event types that the integration will be subscribed to. + Can contain simple event types or full Camel URIs (to use a specific broker different from "default"). + items: + type: string + type: array + filterEventType: + description: |- + Enables the default filtering for the Knative trigger using the event type + If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true) + type: boolean + filterSourceChannels: + description: |- + Enables filtering on events based on the header "ce-knativehistory". Since this header has been removed in newer versions of + Knative, filtering is disabled by default. + type: boolean + filters: + description: |- + Sets filter attributes on the event stream (such as event type, source, subject and so on). + A list of key-value pairs that represent filter attributes and its values. + The syntax is KEY=VALUE, e.g., `source="my.source"`. + Filter attributes get set on the Knative trigger that is being created as part of this integration. + items: + type: string + type: array + namespaceLabel: + description: |- + Enables the camel-k-operator to set the "bindings.knative.dev/include=true" label to the namespace + As Knative requires this label to perform injection of K_SINK URL into the service. + If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true) + type: boolean + sinkBinding: + description: |- + Allows binding the integration to a sink via a Knative SinkBinding resource. + This can be used when the integration targets a single sink. + It's enabled by default when the integration targets a single sink + (except when the integration is owned by a Knative source). + type: boolean + type: object + knative-service: + description: The configuration of Knative Service trait + properties: + annotations: + additionalProperties: + type: string + description: |- + The annotations added to route. + This can be used to set knative service specific annotations + CLI usage example: -t "knative-service.annotations.'haproxy.router.openshift.io/balance'=true" + type: object + auto: + description: |- + Automatically deploy the integration as Knative service when all conditions hold: + + + * Integration is using the Knative profile + * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer) + type: boolean + autoscalingMetric: + description: |- + Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling). + + + Refer to the Knative documentation for more information. + type: string + autoscalingTarget: + description: |- + Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod. + + + Refer to the Knative documentation for more information. + type: integer + class: + description: |- + Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling). + + + Refer to the Knative documentation for more information. + enum: + - kpa.autoscaling.knative.dev + - hpa.autoscaling.knative.dev + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + maxScale: + description: |- + An upper bound for the number of Pods that can be running in parallel for the integration. + Knative has its own cap value that depends on the installation. + + + Refer to the Knative documentation for more information. + type: integer + minScale: + description: |- + The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that + the integration is scaled down to zero when not used for a configured amount of time. + + + Refer to the Knative documentation for more information. + type: integer + rolloutDuration: + description: |- + Enables to gradually shift traffic to the latest Revision and sets the rollout duration. + It's disabled by default and must be expressed as a Golang `time.Duration` string representation, + rounded to a second precision. + type: string + timeoutSeconds: + description: |- + The maximum duration in seconds that the request instance is allowed to respond to a request. + This field propagates to the integration pod's terminationGracePeriodSeconds + + + Refer to the Knative documentation for more information. + format: int64 + type: integer + visibility: + description: |- + Setting `cluster-local`, Knative service becomes a private service. + Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service. + + + Refer to the Knative documentation for more information. + enum: + - cluster-local + type: string + type: object + logging: + description: The configuration of Logging trait + properties: + color: + description: Colorize the log output + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + format: + description: Logs message format + type: string + json: + description: Output the logs in JSON + type: boolean + jsonPrettyPrint: + description: Enable "pretty printing" of the JSON logs + type: boolean + level: + description: Adjust the logging level (defaults to `INFO`) + enum: + - FATAL + - WARN + - INFO + - DEBUG + - TRACE + type: string + type: object + master: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + mount: + description: The configuration of Mount trait + properties: + configs: + description: |- + A list of configuration pointing to configmap/secret. + The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files. + They are also made available on the classpath in order to ease their usage directly from the Route. + Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered + items: + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + emptyDirs: + description: |- + A list of EmptyDir volumes to be mounted. An optional size limit may be configured (default 500Mi). + Syntax: name:/container/path[:sizeLimit] + items: + type: string + type: array + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + hotReload: + description: |- + Enable "hot reload" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be + marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for + changes in metadata. + type: boolean + resources: + description: |- + A list of resources (text or binary content) pointing to configmap/secret. + The resources are expected to be any resource type (text or binary content). + The destination path can be either a default location or any path specified by the user. + Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path + items: + type: string + type: array + scanKameletsImplicitLabelSecrets: + description: 'Deprecated: no longer available since version + 2.5.' + type: boolean + volumes: + description: |- + A list of Persistent Volume Claims to be mounted. Syntax: [pvcname:/container/path]. If the PVC is not found, the Integration fails. + You can use the syntax [pvcname:/container/path:size:accessMode<:storageClass>] to create a dynamic PVC based on the Storage Class provided + or the default cluster Storage Class. However, if the PVC exists, the operator would mount it. + items: + type: string + type: array + type: object + openapi: + description: The configuration of OpenAPI trait + properties: + configmaps: + description: The configmaps holding the spec of the OpenAPI + (compatible with > 3.0 spec only). + items: + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + type: object + owner: + description: The configuration of Owner trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + targetAnnotations: + description: The set of annotations to be transferred + items: + type: string + type: array + targetLabels: + description: The set of labels to be transferred + items: + type: string + type: array + type: object + pdb: + description: The configuration of PDB trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + maxUnavailable: + description: |- + The number of pods for the Integration that can be unavailable after an eviction. + It can be either an absolute number or a percentage (default `1` if `min-available` is also not set). + Only one of `max-unavailable` and `min-available` can be specified. + type: string + minAvailable: + description: |- + The number of pods for the Integration that must still be available after an eviction. + It can be either an absolute number or a percentage. + Only one of `min-available` and `max-unavailable` can be specified. + type: string + type: object + platform: + description: The configuration of Platform trait + properties: + auto: + description: |- + To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set). + Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + createDefault: + description: |- + To create a default (empty) platform when the platform is missing. + Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility + type: boolean + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + global: + description: |- + Indicates if the platform should be created globally in the case of global operator (default true). + Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility + type: boolean + type: object + pod: + description: The configuration of Pod trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + type: object + prometheus: + description: The configuration of Prometheus trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + podMonitor: + description: Whether a `PodMonitor` resource is created (default + `true`). + type: boolean + podMonitorLabels: + description: The `PodMonitor` resource labels, applicable + when `pod-monitor` is `true`. + items: + type: string + type: array + type: object + pull-secret: + description: The configuration of Pull Secret trait + properties: + auto: + description: Automatically configures the platform registry + secret on the pod if it is of type `kubernetes.io/dockerconfigjson`. + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + imagePullerDelegation: + description: When using a global operator with a shared platform, + this enables delegation of the `system:image-puller` cluster + role on the operator namespace to the integration service + account. + type: boolean + secretName: + description: The pull secret name to set on the Pod. If left + empty this is automatically taken from the `IntegrationPlatform` + registry configuration. + type: string + type: object + quarkus: + description: The configuration of Quarkus trait + properties: + buildMode: + description: |- + The Quarkus mode to run: either `jvm` or `native` (default `jvm`). + In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created, + with the `native` kit having precedence over the `jvm` one once ready. + items: + description: QuarkusMode is the type of Quarkus build packaging. + enum: + - jvm + - native + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + nativeBaseImage: + description: The base image to use when running a native build + (default `quay.io/quarkus/quarkus-micro-image:2.0`) + type: string + nativeBuilderImage: + description: The image containing the tooling required for + a native build (by default it will use the one provided + in the runtime catalog) + type: string + packageTypes: + description: |- + The Quarkus package types, `fast-jar` or `native` (default `fast-jar`). + In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created, + with the native kit having precedence over the `fast-jar` one once ready. + The order influences the resolution of the current kit for the integration. + The kit corresponding to the first package type will be assigned to the + integration in case no existing kit that matches the integration exists. + Deprecated: use `build-mode` instead. + items: + description: |- + QuarkusPackageType is the type of Quarkus build packaging. + Deprecated: use `QuarkusMode` instead. + enum: + - fast-jar + - native + type: string + type: array + type: object + registry: + description: |- + The configuration of Registry trait (support removed since version 2.5.0). + Deprecated: use jvm trait or read documentation. + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + type: object + route: + description: The configuration of Route trait + properties: + annotations: + additionalProperties: + type: string + description: |- + The annotations added to route. + This can be used to set route specific annotations + For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations + CLI usage example: -t "route.annotations.'haproxy.router.openshift.io/balance'=true" + type: object + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + host: + description: To configure the host exposed by the route. + type: string + tlsCACertificate: + description: |- + The TLS CA certificate contents. + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsCACertificateSecret: + description: |- + The secret name and key reference to the TLS CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/". + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsCertificate: + description: |- + The TLS certificate contents. + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsCertificateSecret: + description: |- + The secret name and key reference to the TLS certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/". + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsDestinationCACertificate: + description: |- + The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt + termination this file should be provided in order to have routers use it for health checks on the secure connection. + If this field is not specified, the router may provide its own destination CA and perform hostname validation using + the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically + verify. + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsDestinationCACertificateSecret: + description: |- + The secret name and key reference to the destination CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/". + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsInsecureEdgeTerminationPolicy: + description: |- + To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic. + + + Refer to the OpenShift route documentation for additional information. + enum: + - None + - Allow + - Redirect + type: string + tlsKey: + description: |- + The TLS certificate key contents. + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsKeySecret: + description: |- + The secret name and key reference to the TLS certificate key. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/". + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsTermination: + description: |- + The TLS termination type, like `edge`, `passthrough` or `reencrypt`. + + + Refer to the OpenShift route documentation for additional information. + enum: + - edge + - reencrypt + - passthrough + type: string + type: object + security-context: + description: The configuration of Security Context trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + runAsNonRoot: + description: Security Context RunAsNonRoot configuration (default + false). + type: boolean + runAsUser: + description: 'Security Context RunAsUser configuration (default + none): this value is automatically retrieved in Openshift + clusters when not explicitly set.' + format: int64 + type: integer + seccompProfileType: + description: Security Context SeccompProfileType configuration + (default RuntimeDefault). + enum: + - Unconfined + - RuntimeDefault + type: string + type: object + service: + description: The configuration of Service trait + properties: + annotations: + additionalProperties: + type: string + description: The annotations added to the Service object. + type: object + auto: + description: To automatically detect from the code if a Service + needs to be created. + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + labels: + additionalProperties: + type: string + description: The labels added to the Service object. + type: object + nodePort: + description: |- + Enable Service to be exposed as NodePort (default `false`). + Deprecated: Use service type instead. + type: boolean + type: + description: The type of service to be used, either 'ClusterIP', + 'NodePort' or 'LoadBalancer'. + enum: + - ClusterIP + - NodePort + - LoadBalancer + type: string + type: object + service-binding: + description: The configuration of Service Binding trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + services: + description: List of Services in the form [[apigroup/]version:]kind:[namespace/]name + items: + type: string + type: array + type: object + strimzi: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + telemetry: + description: The configuration of Telemetry trait + properties: + auto: + description: Enables automatic configuration of the trait, + including automatic discovery of the telemetry endpoint. + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + endpoint: + description: The target endpoint of the Telemetry service + (automatically discovered by default) + type: string + sampler: + description: The sampler of the telemetry used for tracing + (default "on") + type: string + sampler-parent-based: + description: The sampler of the telemetry used for tracing + is parent based (default "true") + type: boolean + sampler-ratio: + description: The sampler ratio of the telemetry used for tracing + type: string + serviceName: + description: The name of the service that publishes telemetry + data (defaults to the integration name) + type: string + type: object + toleration: + description: The configuration of Toleration trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + taints: + description: The list of taints to tolerate, in the form `Key[=Value]:Effect[:Seconds]` + items: + type: string + type: array + type: object + tracing: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/camel-k/2.5.0/manifests/integrations.camel.apache.org.crd.yaml b/operators/camel-k/2.5.0/manifests/integrations.camel.apache.org.crd.yaml new file mode 100644 index 00000000000..efd900a3431 --- /dev/null +++ b/operators/camel-k/2.5.0/manifests/integrations.camel.apache.org.crd.yaml @@ -0,0 +1,10093 @@ +# --------------------------------------------------------------------------- +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# --------------------------------------------------------------------------- + +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + creationTimestamp: null + labels: + app: camel-k + name: integrations.camel.apache.org +spec: + group: camel.apache.org + names: + categories: + - kamel + - camel + kind: Integration + listKind: IntegrationList + plural: integrations + shortNames: + - it + singular: integration + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The integration phase + jsonPath: .status.phase + name: Phase + type: string + - description: The integration readiness + jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - description: The runtime version + jsonPath: .status.runtimeProvider + name: Runtime Provider + type: string + - description: The runtime provider + jsonPath: .status.runtimeVersion + name: Runtime Version + type: string + - description: The catalog version + jsonPath: .status.catalog.version + name: Catalog Version + type: string + - description: The integration kit + jsonPath: .status.integrationKit.name + name: Kit + type: string + - description: The number of pods + jsonPath: .status.replicas + name: Replicas + type: integer + name: v1 + schema: + openAPIV3Schema: + description: Integration is the Schema for the integrations API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: the desired Integration specification + properties: + configuration: + description: |- + Deprecated: + Use camel trait (camel.properties) to manage properties + Use mount trait (mount.configs) to manage configs + Use mount trait (mount.resources) to manage resources + Use mount trait (mount.volumes) to manage volumes + items: + description: ConfigurationSpec represents a generic configuration + specification. + properties: + type: + description: 'represents the type of configuration, ie: property, + configmap, secret, ...' + type: string + value: + description: the value to assign to the configuration (syntax + may vary depending on the `Type`) + type: string + required: + - type + - value + type: object + type: array + dependencies: + description: the list of Camel or Maven dependencies required by the + Integration + items: + type: string + type: array + flows: + description: a source in YAML DSL language which contain the routes + to run + items: + description: Flow is an unstructured object representing a Camel + Flow in YAML/JSON DSL. + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + integrationKit: + description: the reference of the `IntegrationKit` which is used for + this Integration + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + profile: + description: the profile needed to run this Integration + type: string + replicas: + description: the number of `Pods` needed for the running Integration + format: int32 + type: integer + repositories: + description: additional Maven repositories to be used + items: + type: string + type: array + serviceAccountName: + description: custom SA to use for the Integration + type: string + sources: + description: the sources which contain the Camel routes to run + items: + description: SourceSpec defines the configuration for one or more + routes to be executed in a certain Camel DSL language. + properties: + compression: + description: if the content is compressed (base64 encrypted) + type: boolean + content: + description: the source code (plain text) + type: string + contentKey: + description: the confimap key holding the source content + type: string + contentRef: + description: the confimap reference holding the source content + type: string + contentType: + description: the content type (tipically text or binary) + type: string + from-kamelet: + description: True if the spec is generated from a Kamelet + type: boolean + interceptors: + description: |- + Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader + uses to pre/post process sources + Deprecated: no longer in use. + items: + type: string + type: array + language: + description: specify which is the language (Camel DSL) used + to interpret this source code + type: string + loader: + description: |- + Loader is an optional id of the org.apache.camel.k.RoutesLoader that will + interpret this source at runtime + type: string + name: + description: the name of the specification + type: string + path: + description: the path where the file is stored + type: string + property-names: + description: List of property names defined in the source (e.g. + if type is "template") + items: + type: string + type: array + rawContent: + description: the source code (binary) + format: byte + type: string + type: + description: Type defines the kind of source described by this + object + type: string + type: object + type: array + template: + description: Pod template customization + properties: + spec: + description: the specification + properties: + activeDeadlineSeconds: + description: ActiveDeadlineSeconds + format: int64 + type: integer + automountServiceAccountToken: + description: AutomountServiceAccountToken + type: boolean + containers: + description: Containers + items: + description: A single application container that you want + to run within a pod. + properties: + args: + description: |- + Arguments to the entrypoint. + The container image's CMD is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + items: + type: string + type: array + command: + description: |- + Entrypoint array. Not executed within a shell. + The container image's ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + items: + type: string + type: array + env: + description: |- + List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: |- + List of sources to populate environment variables in the container. + The keys defined within a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will take precedence. + Cannot be updated. + items: + description: EnvFromSource represents the source of + a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend + to each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret must + be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: |- + Container image name. + More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management to default or override + container images in workload controllers like Deployments and StatefulSets. + type: string + imagePullPolicy: + description: |- + Image pull policy. + One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images + type: string + lifecycle: + description: |- + Actions that the management system should take in response to container lifecycle events. + Cannot be updated. + properties: + postStart: + description: |- + PostStart is called immediately after a container is created. If the handler fails, + the container is terminated and restarted according to its restart policy. + Other management of the container blocks until the hook completes. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + sleep: + description: Sleep represents the duration that + the container should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds + to sleep. + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: |- + PreStop is called immediately before a container is terminated due to an + API request or management event such as liveness/startup probe failure, + preemption, resource contention, etc. The handler is not called if the + container crashes or exits. The Pod's termination grace period countdown begins before the + PreStop hook is executed. Regardless of the outcome of the handler, the + container will eventually terminate within the Pod's termination grace + period (unless delayed by finalizers). Other management of the container blocks until the hook completes + or until the termination grace period is reached. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + sleep: + description: Sleep represents the duration that + the container should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds + to sleep. + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: |- + Periodic probe of container liveness. + Container will be restarted if the probe fails. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object + name: + description: |- + Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: |- + List of ports to expose from the container. Not specifying a port here + DOES NOT prevent that port from being exposed. Any port which is + listening on the default "0.0.0.0" address inside a container will be + accessible from the network. + Modifying this array with strategic merge patch may corrupt the data. + For more information See https://github.com/kubernetes/kubernetes/issues/108255. + Cannot be updated. + items: + description: ContainerPort represents a network port + in a single container. + properties: + containerPort: + description: |- + Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external + port to. + type: string + hostPort: + description: |- + Number of port to expose on the host. + If specified, this must be a valid port number, 0 < x < 65536. + If HostNetwork is specified, this must match ContainerPort. + Most containers do not need this. + format: int32 + type: integer + name: + description: |- + If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + named port in a pod must have a unique name. Name for the port that can be + referred to by services. + type: string + protocol: + default: TCP + description: |- + Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: |- + Periodic probe of container service readiness. + Container will be removed from service endpoints if the probe fails. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object + resizePolicy: + description: Resources resize policy for the container. + items: + description: ContainerResizePolicy represents resource + resize policy for the container. + properties: + resourceName: + description: |- + Name of the resource to which this resource resize policy applies. + Supported values: cpu, memory. + type: string + restartPolicy: + description: |- + Restart policy to apply when specified resource is resized. + If not specified, it defaults to NotRequired. + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + description: |- + Compute Resources required by this container. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry + in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + restartPolicy: + description: |- + RestartPolicy defines the restart behavior of individual containers in a pod. + This field may only be set for init containers, and the only allowed value is "Always". + For non-init containers or when this field is not specified, + the restart behavior is defined by the Pod's restart policy and the container type. + Setting the RestartPolicy as "Always" for the init container will have the following effect: + this init container will be continually restarted on + exit until all regular containers have terminated. Once all regular + containers have completed, all init containers with restartPolicy "Always" + will be shut down. This lifecycle differs from normal init containers and + is often referred to as a "sidecar" container. Although this init + container still starts in the init container sequence, it does not wait + for the container to complete before proceeding to the next init + container. Instead, the next init container starts immediately after this + init container is started, or after any startupProbe has successfully + completed. + type: string + securityContext: + description: |- + SecurityContext defines the security options the container should be run with. + If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + properties: + allowPrivilegeEscalation: + description: |- + AllowPrivilegeEscalation controls whether a process can gain more + privileges than its parent process. This bool directly controls if + the no_new_privs flag will be set on the container process. + AllowPrivilegeEscalation is true always when the container is: + 1) run as Privileged + 2) has CAP_SYS_ADMIN + Note that this field cannot be set when spec.os.name is windows. + type: boolean + capabilities: + description: |- + The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by the container runtime. + Note that this field cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: |- + Run container in privileged mode. + Processes in privileged containers are essentially equivalent to root on the host. + Defaults to false. + Note that this field cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: |- + procMount denotes the type of proc mount to use for the containers. + The default is DefaultProcMount which uses the container runtime defaults for + readonly paths and masked paths. + This requires the ProcMountType feature flag to be enabled. + Note that this field cannot be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: |- + Whether this container has a read-only root filesystem. + Default is false. + Note that this field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: |- + The GID to run the entrypoint of the container process. + Uses runtime default if unset. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: |- + Indicates that the container must run as a non-root user. + If true, the Kubelet will validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start the container if it does. + If unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: |- + The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: |- + The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that + applies to the container. + type: string + role: + description: Role is a SELinux role label that + applies to the container. + type: string + type: + description: Type is a SELinux type label that + applies to the container. + type: string + user: + description: User is a SELinux user label that + applies to the container. + type: string + type: object + seccompProfile: + description: |- + The seccomp options to use by this container. If seccomp options are + provided at both the pod & container level, the container options + override the pod options. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile defined in a file on the node should be used. + The profile must be preconfigured on the node to work. + Must be a descending path, relative to the kubelet's configured seccomp profile location. + Must be set if type is "Localhost". Must NOT be set for any other type. + type: string + type: + description: |- + type indicates which kind of seccomp profile will be applied. + Valid options are: + + + Localhost - a profile defined in a file on the node should be used. + RuntimeDefault - the container runtime default profile should be used. + Unconfined - no profile should be applied. + type: string + required: + - type + type: object + windowsOptions: + description: |- + The Windows specific settings applied to all containers. + If unspecified, the options from the PodSecurityContext will be used. + If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: |- + GMSACredentialSpec is where the GMSA admission webhook + (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + GMSA credential spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name + of the GMSA credential spec to use. + type: string + hostProcess: + description: |- + HostProcess determines if a container should be run as a 'Host Process' container. + All of a Pod's containers must have the same effective HostProcess value + (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + In addition, if HostProcess is true then HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: |- + The UserName in Windows to run the entrypoint of the container process. + Defaults to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + type: string + type: object + type: object + startupProbe: + description: |- + StartupProbe indicates that the Pod has successfully initialized. + If specified, no other probes are executed until this completes successfully. + If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + when it might take a long time to load data or warm a cache, than during steady-state operation. + This cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object + stdin: + description: |- + Whether this container should allocate a buffer for stdin in the container runtime. If this + is not set, reads from stdin in the container will always result in EOF. + Default is false. + type: boolean + stdinOnce: + description: |- + Whether the container runtime should close the stdin channel after it has been opened by + a single attach. When stdin is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + first client attaches to stdin, and then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container is restarted. If this + flag is false, a container processes that reads from stdin will never receive an EOF. + Default is false + type: boolean + terminationMessagePath: + description: |- + Optional: Path at which the file to which the container's termination message + will be written is mounted into the container's filesystem. + Message written is intended to be brief final status, such as an assertion failure message. + Will be truncated by the node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. + Defaults to /dev/termination-log. + Cannot be updated. + type: string + terminationMessagePolicy: + description: |- + Indicate how the termination message should be populated. File will use the contents of + terminationMessagePath to populate the container status message on both success and failure. + FallbackToLogsOnError will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + Defaults to File. + Cannot be updated. + type: string + tty: + description: |- + Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices + to be used by the container. + items: + description: volumeDevice describes a mapping of a + raw block device within a container. + properties: + devicePath: + description: devicePath is the path inside of + the container that the device will be mapped + to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: |- + Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a + Volume within a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: |- + Container's working directory. + If not specified, the container runtime's default will be used, which + might be configured in the container image. + Cannot be updated. + type: string + required: + - name + type: object + type: array + dnsPolicy: + description: DNSPolicy + type: string + ephemeralContainers: + description: EphemeralContainers + items: + description: |- + An EphemeralContainer is a temporary container that you may add to an existing Pod for + user-initiated activities such as debugging. Ephemeral containers have no resource or + scheduling guarantees, and they will not be restarted when they exit or when a Pod is + removed or restarted. The kubelet may evict a Pod if an ephemeral container causes the + Pod to exceed its resource allocation. + + + To add an ephemeral container, use the ephemeralcontainers subresource of an existing + Pod. Ephemeral containers may not be removed or restarted. + properties: + args: + description: |- + Arguments to the entrypoint. + The image's CMD is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + items: + type: string + type: array + command: + description: |- + Entrypoint array. Not executed within a shell. + The image's ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + items: + type: string + type: array + env: + description: |- + List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: |- + List of sources to populate environment variables in the container. + The keys defined within a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will take precedence. + Cannot be updated. + items: + description: EnvFromSource represents the source of + a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend + to each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret must + be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: |- + Container image name. + More info: https://kubernetes.io/docs/concepts/containers/images + type: string + imagePullPolicy: + description: |- + Image pull policy. + One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images + type: string + lifecycle: + description: Lifecycle is not allowed for ephemeral + containers. + properties: + postStart: + description: |- + PostStart is called immediately after a container is created. If the handler fails, + the container is terminated and restarted according to its restart policy. + Other management of the container blocks until the hook completes. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + sleep: + description: Sleep represents the duration that + the container should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds + to sleep. + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: |- + PreStop is called immediately before a container is terminated due to an + API request or management event such as liveness/startup probe failure, + preemption, resource contention, etc. The handler is not called if the + container crashes or exits. The Pod's termination grace period countdown begins before the + PreStop hook is executed. Regardless of the outcome of the handler, the + container will eventually terminate within the Pod's termination grace + period (unless delayed by finalizers). Other management of the container blocks until the hook completes + or until the termination grace period is reached. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + sleep: + description: Sleep represents the duration that + the container should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds + to sleep. + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: Probes are not allowed for ephemeral containers. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object + name: + description: |- + Name of the ephemeral container specified as a DNS_LABEL. + This name must be unique among all containers, init containers and ephemeral containers. + type: string + ports: + description: Ports are not allowed for ephemeral containers. + items: + description: ContainerPort represents a network port + in a single container. + properties: + containerPort: + description: |- + Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external + port to. + type: string + hostPort: + description: |- + Number of port to expose on the host. + If specified, this must be a valid port number, 0 < x < 65536. + If HostNetwork is specified, this must match ContainerPort. + Most containers do not need this. + format: int32 + type: integer + name: + description: |- + If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + named port in a pod must have a unique name. Name for the port that can be + referred to by services. + type: string + protocol: + default: TCP + description: |- + Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: Probes are not allowed for ephemeral containers. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object + resizePolicy: + description: Resources resize policy for the container. + items: + description: ContainerResizePolicy represents resource + resize policy for the container. + properties: + resourceName: + description: |- + Name of the resource to which this resource resize policy applies. + Supported values: cpu, memory. + type: string + restartPolicy: + description: |- + Restart policy to apply when specified resource is resized. + If not specified, it defaults to NotRequired. + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + description: |- + Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources + already allocated to the pod. + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry + in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + restartPolicy: + description: |- + Restart policy for the container to manage the restart behavior of each + container within a pod. + This may only be set for init containers. You cannot set this field on + ephemeral containers. + type: string + securityContext: + description: |- + Optional: SecurityContext defines the security options the ephemeral container should be run with. + If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + properties: + allowPrivilegeEscalation: + description: |- + AllowPrivilegeEscalation controls whether a process can gain more + privileges than its parent process. This bool directly controls if + the no_new_privs flag will be set on the container process. + AllowPrivilegeEscalation is true always when the container is: + 1) run as Privileged + 2) has CAP_SYS_ADMIN + Note that this field cannot be set when spec.os.name is windows. + type: boolean + capabilities: + description: |- + The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by the container runtime. + Note that this field cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: |- + Run container in privileged mode. + Processes in privileged containers are essentially equivalent to root on the host. + Defaults to false. + Note that this field cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: |- + procMount denotes the type of proc mount to use for the containers. + The default is DefaultProcMount which uses the container runtime defaults for + readonly paths and masked paths. + This requires the ProcMountType feature flag to be enabled. + Note that this field cannot be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: |- + Whether this container has a read-only root filesystem. + Default is false. + Note that this field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: |- + The GID to run the entrypoint of the container process. + Uses runtime default if unset. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: |- + Indicates that the container must run as a non-root user. + If true, the Kubelet will validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start the container if it does. + If unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: |- + The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: |- + The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that + applies to the container. + type: string + role: + description: Role is a SELinux role label that + applies to the container. + type: string + type: + description: Type is a SELinux type label that + applies to the container. + type: string + user: + description: User is a SELinux user label that + applies to the container. + type: string + type: object + seccompProfile: + description: |- + The seccomp options to use by this container. If seccomp options are + provided at both the pod & container level, the container options + override the pod options. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile defined in a file on the node should be used. + The profile must be preconfigured on the node to work. + Must be a descending path, relative to the kubelet's configured seccomp profile location. + Must be set if type is "Localhost". Must NOT be set for any other type. + type: string + type: + description: |- + type indicates which kind of seccomp profile will be applied. + Valid options are: + + + Localhost - a profile defined in a file on the node should be used. + RuntimeDefault - the container runtime default profile should be used. + Unconfined - no profile should be applied. + type: string + required: + - type + type: object + windowsOptions: + description: |- + The Windows specific settings applied to all containers. + If unspecified, the options from the PodSecurityContext will be used. + If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: |- + GMSACredentialSpec is where the GMSA admission webhook + (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + GMSA credential spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name + of the GMSA credential spec to use. + type: string + hostProcess: + description: |- + HostProcess determines if a container should be run as a 'Host Process' container. + All of a Pod's containers must have the same effective HostProcess value + (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + In addition, if HostProcess is true then HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: |- + The UserName in Windows to run the entrypoint of the container process. + Defaults to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + type: string + type: object + type: object + startupProbe: + description: Probes are not allowed for ephemeral containers. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object + stdin: + description: |- + Whether this container should allocate a buffer for stdin in the container runtime. If this + is not set, reads from stdin in the container will always result in EOF. + Default is false. + type: boolean + stdinOnce: + description: |- + Whether the container runtime should close the stdin channel after it has been opened by + a single attach. When stdin is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + first client attaches to stdin, and then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container is restarted. If this + flag is false, a container processes that reads from stdin will never receive an EOF. + Default is false + type: boolean + targetContainerName: + description: |- + If set, the name of the container from PodSpec that this ephemeral container targets. + The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container. + If not set then the ephemeral container uses the namespaces configured in the Pod spec. + + + The container runtime must implement support for this feature. If the runtime does not + support namespace targeting then the result of setting this field is undefined. + type: string + terminationMessagePath: + description: |- + Optional: Path at which the file to which the container's termination message + will be written is mounted into the container's filesystem. + Message written is intended to be brief final status, such as an assertion failure message. + Will be truncated by the node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. + Defaults to /dev/termination-log. + Cannot be updated. + type: string + terminationMessagePolicy: + description: |- + Indicate how the termination message should be populated. File will use the contents of + terminationMessagePath to populate the container status message on both success and failure. + FallbackToLogsOnError will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + Defaults to File. + Cannot be updated. + type: string + tty: + description: |- + Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices + to be used by the container. + items: + description: volumeDevice describes a mapping of a + raw block device within a container. + properties: + devicePath: + description: devicePath is the path inside of + the container that the device will be mapped + to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: |- + Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a + Volume within a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: |- + Container's working directory. + If not specified, the container runtime's default will be used, which + might be configured in the container image. + Cannot be updated. + type: string + required: + - name + type: object + type: array + initContainers: + description: InitContainers + items: + description: A single application container that you want + to run within a pod. + properties: + args: + description: |- + Arguments to the entrypoint. + The container image's CMD is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + items: + type: string + type: array + command: + description: |- + Entrypoint array. Not executed within a shell. + The container image's ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + items: + type: string + type: array + env: + description: |- + List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable + present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in + the pod's namespace + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: |- + List of sources to populate environment variables in the container. + The keys defined within a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will take precedence. + Cannot be updated. + items: + description: EnvFromSource represents the source of + a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend + to each key in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret must + be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: |- + Container image name. + More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management to default or override + container images in workload controllers like Deployments and StatefulSets. + type: string + imagePullPolicy: + description: |- + Image pull policy. + One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images + type: string + lifecycle: + description: |- + Actions that the management system should take in response to container lifecycle events. + Cannot be updated. + properties: + postStart: + description: |- + PostStart is called immediately after a container is created. If the handler fails, + the container is terminated and restarted according to its restart policy. + Other management of the container blocks until the hook completes. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + sleep: + description: Sleep represents the duration that + the container should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds + to sleep. + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: |- + PreStop is called immediately before a container is terminated due to an + API request or management event such as liveness/startup probe failure, + preemption, resource contention, etc. The handler is not called if the + container crashes or exits. The Pod's termination grace period countdown begins before the + PreStop hook is executed. Regardless of the outcome of the handler, the + container will eventually terminate within the Pod's termination grace + period (unless delayed by finalizers). Other management of the container blocks until the hook completes + or until the termination grace period is reached. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + sleep: + description: Sleep represents the duration that + the container should sleep before being terminated. + properties: + seconds: + description: Seconds is the number of seconds + to sleep. + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: |- + Periodic probe of container liveness. + Container will be restarted if the probe fails. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object + name: + description: |- + Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: |- + List of ports to expose from the container. Not specifying a port here + DOES NOT prevent that port from being exposed. Any port which is + listening on the default "0.0.0.0" address inside a container will be + accessible from the network. + Modifying this array with strategic merge patch may corrupt the data. + For more information See https://github.com/kubernetes/kubernetes/issues/108255. + Cannot be updated. + items: + description: ContainerPort represents a network port + in a single container. + properties: + containerPort: + description: |- + Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external + port to. + type: string + hostPort: + description: |- + Number of port to expose on the host. + If specified, this must be a valid port number, 0 < x < 65536. + If HostNetwork is specified, this must match ContainerPort. + Most containers do not need this. + format: int32 + type: integer + name: + description: |- + If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + named port in a pod must have a unique name. Name for the port that can be + referred to by services. + type: string + protocol: + default: TCP + description: |- + Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: |- + Periodic probe of container service readiness. + Container will be removed from service endpoints if the probe fails. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object + resizePolicy: + description: Resources resize policy for the container. + items: + description: ContainerResizePolicy represents resource + resize policy for the container. + properties: + resourceName: + description: |- + Name of the resource to which this resource resize policy applies. + Supported values: cpu, memory. + type: string + restartPolicy: + description: |- + Restart policy to apply when specified resource is resized. + If not specified, it defaults to NotRequired. + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + description: |- + Compute Resources required by this container. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry + in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + restartPolicy: + description: |- + RestartPolicy defines the restart behavior of individual containers in a pod. + This field may only be set for init containers, and the only allowed value is "Always". + For non-init containers or when this field is not specified, + the restart behavior is defined by the Pod's restart policy and the container type. + Setting the RestartPolicy as "Always" for the init container will have the following effect: + this init container will be continually restarted on + exit until all regular containers have terminated. Once all regular + containers have completed, all init containers with restartPolicy "Always" + will be shut down. This lifecycle differs from normal init containers and + is often referred to as a "sidecar" container. Although this init + container still starts in the init container sequence, it does not wait + for the container to complete before proceeding to the next init + container. Instead, the next init container starts immediately after this + init container is started, or after any startupProbe has successfully + completed. + type: string + securityContext: + description: |- + SecurityContext defines the security options the container should be run with. + If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + properties: + allowPrivilegeEscalation: + description: |- + AllowPrivilegeEscalation controls whether a process can gain more + privileges than its parent process. This bool directly controls if + the no_new_privs flag will be set on the container process. + AllowPrivilegeEscalation is true always when the container is: + 1) run as Privileged + 2) has CAP_SYS_ADMIN + Note that this field cannot be set when spec.os.name is windows. + type: boolean + capabilities: + description: |- + The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by the container runtime. + Note that this field cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: |- + Run container in privileged mode. + Processes in privileged containers are essentially equivalent to root on the host. + Defaults to false. + Note that this field cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: |- + procMount denotes the type of proc mount to use for the containers. + The default is DefaultProcMount which uses the container runtime defaults for + readonly paths and masked paths. + This requires the ProcMountType feature flag to be enabled. + Note that this field cannot be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: |- + Whether this container has a read-only root filesystem. + Default is false. + Note that this field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: |- + The GID to run the entrypoint of the container process. + Uses runtime default if unset. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: |- + Indicates that the container must run as a non-root user. + If true, the Kubelet will validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start the container if it does. + If unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: |- + The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: |- + The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that + applies to the container. + type: string + role: + description: Role is a SELinux role label that + applies to the container. + type: string + type: + description: Type is a SELinux type label that + applies to the container. + type: string + user: + description: User is a SELinux user label that + applies to the container. + type: string + type: object + seccompProfile: + description: |- + The seccomp options to use by this container. If seccomp options are + provided at both the pod & container level, the container options + override the pod options. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile defined in a file on the node should be used. + The profile must be preconfigured on the node to work. + Must be a descending path, relative to the kubelet's configured seccomp profile location. + Must be set if type is "Localhost". Must NOT be set for any other type. + type: string + type: + description: |- + type indicates which kind of seccomp profile will be applied. + Valid options are: + + + Localhost - a profile defined in a file on the node should be used. + RuntimeDefault - the container runtime default profile should be used. + Unconfined - no profile should be applied. + type: string + required: + - type + type: object + windowsOptions: + description: |- + The Windows specific settings applied to all containers. + If unspecified, the options from the PodSecurityContext will be used. + If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: |- + GMSACredentialSpec is where the GMSA admission webhook + (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + GMSA credential spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name + of the GMSA credential spec to use. + type: string + hostProcess: + description: |- + HostProcess determines if a container should be run as a 'Host Process' container. + All of a Pod's containers must have the same effective HostProcess value + (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + In addition, if HostProcess is true then HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: |- + The UserName in Windows to run the entrypoint of the container process. + Defaults to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + type: string + type: object + type: object + startupProbe: + description: |- + StartupProbe indicates that the Pod has successfully initialized. + If specified, no other probes are executed until this completes successfully. + If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + when it might take a long time to load data or warm a cache, than during steady-state operation. + This cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object + stdin: + description: |- + Whether this container should allocate a buffer for stdin in the container runtime. If this + is not set, reads from stdin in the container will always result in EOF. + Default is false. + type: boolean + stdinOnce: + description: |- + Whether the container runtime should close the stdin channel after it has been opened by + a single attach. When stdin is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + first client attaches to stdin, and then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container is restarted. If this + flag is false, a container processes that reads from stdin will never receive an EOF. + Default is false + type: boolean + terminationMessagePath: + description: |- + Optional: Path at which the file to which the container's termination message + will be written is mounted into the container's filesystem. + Message written is intended to be brief final status, such as an assertion failure message. + Will be truncated by the node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. + Defaults to /dev/termination-log. + Cannot be updated. + type: string + terminationMessagePolicy: + description: |- + Indicate how the termination message should be populated. File will use the contents of + terminationMessagePath to populate the container status message on both success and failure. + FallbackToLogsOnError will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + Defaults to File. + Cannot be updated. + type: string + tty: + description: |- + Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices + to be used by the container. + items: + description: volumeDevice describes a mapping of a + raw block device within a container. + properties: + devicePath: + description: devicePath is the path inside of + the container that the device will be mapped + to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: |- + Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a + Volume within a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: |- + Container's working directory. + If not specified, the container runtime's default will be used, which + might be configured in the container image. + Cannot be updated. + type: string + required: + - name + type: object + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector + type: object + restartPolicy: + description: RestartPolicy + type: string + securityContext: + description: PodSecurityContext + properties: + fsGroup: + description: |- + A special supplemental group that applies to all containers in a pod. + Some volume types allow the Kubelet to change the ownership of that volume + to be owned by the pod: + + + 1. The owning GID will be the FSGroup + 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + 3. The permission bits are OR'd with rw-rw---- + + + If unset, the Kubelet will not modify the ownership and permissions of any volume. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + fsGroupChangePolicy: + description: |- + fsGroupChangePolicy defines behavior of changing ownership and permission of the volume + before being exposed inside Pod. This field will only apply to + volume types which support fsGroup based ownership(and permissions). + It will have no effect on ephemeral volume types such as: secret, configmaps + and emptydir. + Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. + Note that this field cannot be set when spec.os.name is windows. + type: string + runAsGroup: + description: |- + The GID to run the entrypoint of the container process. + Uses runtime default if unset. + May also be set in SecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence + for that container. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: |- + Indicates that the container must run as a non-root user. + If true, the Kubelet will validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start the container if it does. + If unset or false, no such validation will be performed. + May also be set in SecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: |- + The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. + May also be set in SecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence + for that container. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: |- + The SELinux context to be applied to all containers. + If unspecified, the container runtime will allocate a random SELinux context for each + container. May also be set in SecurityContext. If set in + both SecurityContext and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + Note that this field cannot be set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + seccompProfile: + description: |- + The seccomp options to use by the containers in this pod. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile defined in a file on the node should be used. + The profile must be preconfigured on the node to work. + Must be a descending path, relative to the kubelet's configured seccomp profile location. + Must be set if type is "Localhost". Must NOT be set for any other type. + type: string + type: + description: |- + type indicates which kind of seccomp profile will be applied. + Valid options are: + + + Localhost - a profile defined in a file on the node should be used. + RuntimeDefault - the container runtime default profile should be used. + Unconfined - no profile should be applied. + type: string + required: + - type + type: object + supplementalGroups: + description: |- + A list of groups applied to the first process run in each container, in addition + to the container's primary GID, the fsGroup (if specified), and group memberships + defined in the container image for the uid of the container process. If unspecified, + no additional groups are added to any container. Note that group memberships + defined in the container image for the uid of the container process are still effective, + even if they are not included in this list. + Note that this field cannot be set when spec.os.name is windows. + items: + format: int64 + type: integer + type: array + sysctls: + description: |- + Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported + sysctls (by the container runtime) might fail to launch. + Note that this field cannot be set when spec.os.name is windows. + items: + description: Sysctl defines a kernel parameter to be + set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: object + type: array + windowsOptions: + description: |- + The Windows specific settings applied to all containers. + If unspecified, the options within a container's SecurityContext will be used. + If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: |- + GMSACredentialSpec is where the GMSA admission webhook + (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + GMSA credential spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of + the GMSA credential spec to use. + type: string + hostProcess: + description: |- + HostProcess determines if a container should be run as a 'Host Process' container. + All of a Pod's containers must have the same effective HostProcess value + (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + In addition, if HostProcess is true then HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: |- + The UserName in Windows to run the entrypoint of the container process. + Defaults to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + type: string + type: object + type: object + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds + format: int64 + type: integer + topologySpreadConstraints: + description: TopologySpreadConstraints + items: + description: TopologySpreadConstraint specifies how to spread + matching pods among the given topology. + properties: + labelSelector: + description: |- + LabelSelector is used to find matching pods. + Pods that match this label selector are counted to determine the number of pods + in their corresponding topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: |- + MatchLabelKeys is a set of pod label keys to select the pods over which + spreading will be calculated. The keys are used to lookup values from the + incoming pod labels, those key-value labels are ANDed with labelSelector + to select the group of existing pods over which spreading will be calculated + for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + MatchLabelKeys cannot be set when LabelSelector isn't set. + Keys that don't exist in the incoming pod labels will + be ignored. A null or empty list means only match against labelSelector. + + + This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + description: |- + MaxSkew describes the degree to which pods may be unevenly distributed. + When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + between the number of matching pods in the target topology and the global minimum. + The global minimum is the minimum number of matching pods in an eligible domain + or zero if the number of eligible domains is less than MinDomains. + For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + labelSelector spread as 2/2/1: + In this case, the global minimum is 1. + | zone1 | zone2 | zone3 | + | P P | P P | P | + - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + violate MaxSkew(1). + - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + to topologies that satisfy it. + It's a required field. Default value is 1 and 0 is not allowed. + format: int32 + type: integer + minDomains: + description: |- + MinDomains indicates a minimum number of eligible domains. + When the number of eligible domains with matching topology keys is less than minDomains, + Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + And when the number of eligible domains with matching topology keys equals or greater than minDomains, + this value has no effect on scheduling. + As a result, when the number of eligible domains is less than minDomains, + scheduler won't schedule more than maxSkew Pods to those domains. + If value is nil, the constraint behaves as if MinDomains is equal to 1. + Valid values are integers greater than 0. + When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + + + For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + labelSelector spread as 2/2/2: + | zone1 | zone2 | zone3 | + | P P | P P | P P | + The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + In this situation, new pod with the same labelSelector cannot be scheduled, + because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + it will violate MaxSkew. + + + This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). + format: int32 + type: integer + nodeAffinityPolicy: + description: |- + NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + when calculating pod topology spread skew. Options are: + - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + + + If this value is nil, the behavior is equivalent to the Honor policy. + This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + type: string + nodeTaintsPolicy: + description: |- + NodeTaintsPolicy indicates how we will treat node taints when calculating + pod topology spread skew. Options are: + - Honor: nodes without taints, along with tainted nodes for which the incoming pod + has a toleration, are included. + - Ignore: node taints are ignored. All nodes are included. + + + If this value is nil, the behavior is equivalent to the Ignore policy. + This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + type: string + topologyKey: + description: |- + TopologyKey is the key of node labels. Nodes that have a label with this key + and identical values are considered to be in the same topology. + We consider each as a "bucket", and try to put balanced number + of pods into each bucket. + We define a domain as a particular instance of a topology. + Also, we define an eligible domain as a domain whose nodes meet the requirements of + nodeAffinityPolicy and nodeTaintsPolicy. + e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + It's a required field. + type: string + whenUnsatisfiable: + description: |- + WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + the spread constraint. + - DoNotSchedule (default) tells the scheduler not to schedule it. + - ScheduleAnyway tells the scheduler to schedule the pod in any location, + but giving higher precedence to topologies that would help reduce the + skew. + A constraint is considered "Unsatisfiable" for an incoming pod + if and only if every possible node assignment for that pod would violate + "MaxSkew" on some topology. + For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + labelSelector spread as 3/1/1: + | zone1 | zone2 | zone3 | + | P P P | P | P | + If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + won't make it *more* imbalanced. + It's a required field. + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + volumes: + description: Volumes + items: + description: Volume represents a named volume in a pod that + may be accessed by any container in the pod. + properties: + awsElasticBlockStore: + description: |- + awsElasticBlockStore represents an AWS Disk resource that is attached to a + kubelet's host machine and then exposed to the pod. + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + properties: + fsType: + description: |- + fsType is the filesystem type of the volume that you want to mount. + Tip: Ensure that the filesystem type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from compromising the machine + type: string + partition: + description: |- + partition is the partition in the volume that you want to mount. + If omitted, the default is to mount by volume name. + Examples: For volume /dev/sda1, you specify the partition as "1". + Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + format: int32 + type: integer + readOnly: + description: |- + readOnly value true will force the readOnly setting in VolumeMounts. + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + type: boolean + volumeID: + description: |- + volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + type: string + required: + - volumeID + type: object + azureDisk: + description: azureDisk represents an Azure Data Disk + mount on the host and bind mount to the pod. + properties: + cachingMode: + description: 'cachingMode is the Host Caching mode: + None, Read Only, Read Write.' + type: string + diskName: + description: diskName is the Name of the data disk + in the blob storage + type: string + diskURI: + description: diskURI is the URI of data disk in + the blob storage + type: string + fsType: + description: |- + fsType is Filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + type: string + kind: + description: 'kind expected values are Shared: multiple + blob disks per storage account Dedicated: single + blob disk per storage account Managed: azure + managed data disk (only in managed availability + set). defaults to shared' + type: string + readOnly: + description: |- + readOnly Defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: azureFile represents an Azure File Service + mount on the host and bind mount to the pod. + properties: + readOnly: + description: |- + readOnly defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + secretName: + description: secretName is the name of secret that + contains Azure Storage Account Name and Key + type: string + shareName: + description: shareName is the azure share Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: cephFS represents a Ceph FS mount on the + host that shares a pod's lifetime + properties: + monitors: + description: |- + monitors is Required: Monitors is a collection of Ceph monitors + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + items: + type: string + type: array + path: + description: 'path is Optional: Used as the mounted + root, rather than the full Ceph tree, default + is /' + type: string + readOnly: + description: |- + readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + type: boolean + secretFile: + description: |- + secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + type: string + secretRef: + description: |- + secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: |- + user is optional: User is the rados user name, default is admin + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + type: string + required: + - monitors + type: object + cinder: + description: |- + cinder represents a cinder volume attached and mounted on kubelets host machine. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md + properties: + fsType: + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md + type: string + readOnly: + description: |- + readOnly defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md + type: boolean + secretRef: + description: |- + secretRef is optional: points to a secret object containing parameters used to connect + to OpenStack. + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + description: |- + volumeID used to identify the volume in cinder. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md + type: string + required: + - volumeID + type: object + configMap: + description: configMap represents a configMap that should + populate this volume + properties: + defaultMode: + description: |- + defaultMode is optional: mode bits used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + Defaults to 0644. + Directories within the path are not affected by this setting. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + items: + description: |- + items if unspecified, each key-value pair in the Data field of the referenced + ConfigMap will be projected into the volume as a file whose name is the + key and content is the value. If specified, the listed keys will be + projected into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in the ConfigMap, + the volume setup will error unless it is marked optional. Paths must be + relative and may not contain the '..' path or start with '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + path: + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: optional specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + description: csi (Container Storage Interface) represents + ephemeral storage that is handled by certain external + CSI drivers (Beta feature). + properties: + driver: + description: |- + driver is the name of the CSI driver that handles this volume. + Consult with your admin for the correct name as registered in the cluster. + type: string + fsType: + description: |- + fsType to mount. Ex. "ext4", "xfs", "ntfs". + If not provided, the empty value is passed to the associated CSI driver + which will determine the default filesystem to apply. + type: string + nodePublishSecretRef: + description: |- + nodePublishSecretRef is a reference to the secret object containing + sensitive information to pass to the CSI driver to complete the CSI + NodePublishVolume and NodeUnpublishVolume calls. + This field is optional, and may be empty if no secret is required. If the + secret object contains more than one secret, all secret references are passed. + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + description: |- + readOnly specifies a read-only configuration for the volume. + Defaults to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: |- + volumeAttributes stores driver-specific properties that are passed to the CSI + driver. Consult your driver's documentation for supported values. + type: object + required: + - driver + type: object + downwardAPI: + description: downwardAPI represents downward API about + the pod that should populate this volume + properties: + defaultMode: + description: |- + Optional: mode bits to use on created files by default. Must be a + Optional: mode bits used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + Defaults to 0644. + Directories within the path are not affected by this setting. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + items: + description: Items is a list of downward API volume + file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing the + pod field + properties: + fieldRef: + description: 'Required: Selects a field of + the pod: only annotations, labels, name + and namespace are supported.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: |- + Optional: mode bits used to set permissions on this file, must be an octal value + between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + path: + description: 'Required: Path is the relative + path name of the file to be created. Must + not be absolute or contain the ''..'' path. + Must be utf-8 encoded. The first item of + the relative path must not start with ''..''' + type: string + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + description: |- + emptyDir represents a temporary directory that shares a pod's lifetime. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + properties: + medium: + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + description: |- + ephemeral represents a volume that is handled by a cluster storage driver. + The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, + and deleted when the pod is removed. + + + Use this if: + a) the volume is only needed while the pod runs, + b) features of normal volumes like restoring from snapshot or capacity + tracking are needed, + c) the storage driver is specified through a storage class, and + d) the storage driver supports dynamic volume provisioning through + a PersistentVolumeClaim (see EphemeralVolumeSource for more + information on the connection between this volume type + and PersistentVolumeClaim). + + + Use PersistentVolumeClaim or one of the vendor-specific + APIs for volumes that persist for longer than the lifecycle + of an individual pod. + + + Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to + be used that way - see the documentation of the driver for + more information. + + + A pod can use both types of ephemeral volumes and + persistent volumes at the same time. + properties: + volumeClaimTemplate: + description: |- + Will be used to create a stand-alone PVC to provision the volume. + The pod in which this EphemeralVolumeSource is embedded will be the + owner of the PVC, i.e. the PVC will be deleted together with the + pod. The name of the PVC will be `-` where + `` is the name from the `PodSpec.Volumes` array + entry. Pod validation will reject the pod if the concatenated name + is not valid for a PVC (for example, too long). + + + An existing PVC with that name that is not owned by the pod + will *not* be used for the pod to avoid using an unrelated + volume by mistake. Starting the pod is then blocked until + the unrelated PVC is removed. If such a pre-created PVC is + meant to be used by the pod, the PVC has to updated with an + owner reference to the pod once the pod exists. Normally + this should not be necessary, but it may be useful when + manually reconstructing a broken cluster. + + + This field is read-only and no changes will be made by Kubernetes + to the PVC after it has been created. + + + Required, must not be nil. + properties: + metadata: + description: |- + May contain labels and annotations that will be copied into the PVC + when creating it. No other fields are allowed and will be rejected during + validation. + type: object + spec: + description: |- + The specification for the PersistentVolumeClaim. The entire content is + copied unchanged into the PVC that gets created from this + template. The same fields as in a PersistentVolumeClaim + are also valid here. + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource + being referenced + type: string + name: + description: Name is the name of resource + being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over + volumes to consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The + requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference + to the PersistentVolume backing this claim. + type: string + type: object + required: + - spec + type: object + type: object + fc: + description: fc represents a Fibre Channel resource + that is attached to a kubelet's host machine and then + exposed to the pod. + properties: + fsType: + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + TODO: how do we prevent errors in the filesystem from compromising the machine + type: string + lun: + description: 'lun is Optional: FC target lun number' + format: int32 + type: integer + readOnly: + description: |- + readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + targetWWNs: + description: 'targetWWNs is Optional: FC target + worldwide names (WWNs)' + items: + type: string + type: array + wwids: + description: |- + wwids Optional: FC volume world wide identifiers (wwids) + Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. + items: + type: string + type: array + type: object + flexVolume: + description: |- + flexVolume represents a generic volume resource that is + provisioned/attached using an exec based plugin. + properties: + driver: + description: driver is the name of the driver to + use for this volume. + type: string + fsType: + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. + type: string + options: + additionalProperties: + type: string + description: 'options is Optional: this field holds + extra command options if any.' + type: object + readOnly: + description: |- + readOnly is Optional: defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: |- + secretRef is Optional: secretRef is reference to the secret object containing + sensitive information to pass to the plugin scripts. This may be + empty if no secret object is specified. If the secret object + contains more than one secret, all secrets are passed to the plugin + scripts. + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + description: flocker represents a Flocker volume attached + to a kubelet's host machine. This depends on the Flocker + control service being running + properties: + datasetName: + description: |- + datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker + should be considered as deprecated + type: string + datasetUUID: + description: datasetUUID is the UUID of the dataset. + This is unique identifier of a Flocker dataset + type: string + type: object + gcePersistentDisk: + description: |- + gcePersistentDisk represents a GCE Disk resource that is attached to a + kubelet's host machine and then exposed to the pod. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + properties: + fsType: + description: |- + fsType is filesystem type of the volume that you want to mount. + Tip: Ensure that the filesystem type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from compromising the machine + type: string + partition: + description: |- + partition is the partition in the volume that you want to mount. + If omitted, the default is to mount by volume name. + Examples: For volume /dev/sda1, you specify the partition as "1". + Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + format: int32 + type: integer + pdName: + description: |- + pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + type: string + readOnly: + description: |- + readOnly here will force the ReadOnly setting in VolumeMounts. + Defaults to false. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + type: boolean + required: + - pdName + type: object + gitRepo: + description: |- + gitRepo represents a git repository at a particular revision. + DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir + into the Pod's container. + properties: + directory: + description: |- + directory is the target directory name. + Must not contain or start with '..'. If '.' is supplied, the volume directory will be the + git repository. Otherwise, if specified, the volume will contain the git repository in + the subdirectory with the given name. + type: string + repository: + description: repository is the URL + type: string + revision: + description: revision is the commit hash for the + specified revision. + type: string + required: + - repository + type: object + glusterfs: + description: |- + glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + More info: https://examples.k8s.io/volumes/glusterfs/README.md + properties: + endpoints: + description: |- + endpoints is the endpoint name that details Glusterfs topology. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + type: string + path: + description: |- + path is the Glusterfs volume path. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + type: string + readOnly: + description: |- + readOnly here will force the Glusterfs volume to be mounted with read-only permissions. + Defaults to false. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: |- + hostPath represents a pre-existing file or directory on the host + machine that is directly exposed to the container. This is generally + used for system agents or other privileged things that are allowed + to see the host machine. Most containers will NOT need this. + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- + TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not + mount host directories as read/write. + properties: + path: + description: |- + path of the directory on the host. + If the path is a symlink, it will follow the link to the real path. + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + type: string + type: + description: |- + type for HostPath Volume + Defaults to "" + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + type: string + required: + - path + type: object + iscsi: + description: |- + iscsi represents an ISCSI Disk resource that is attached to a + kubelet's host machine and then exposed to the pod. + More info: https://examples.k8s.io/volumes/iscsi/README.md + properties: + chapAuthDiscovery: + description: chapAuthDiscovery defines whether support + iSCSI Discovery CHAP authentication + type: boolean + chapAuthSession: + description: chapAuthSession defines whether support + iSCSI Session CHAP authentication + type: boolean + fsType: + description: |- + fsType is the filesystem type of the volume that you want to mount. + Tip: Ensure that the filesystem type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from compromising the machine + type: string + initiatorName: + description: |- + initiatorName is the custom iSCSI Initiator Name. + If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface + : will be created for the connection. + type: string + iqn: + description: iqn is the target iSCSI Qualified Name. + type: string + iscsiInterface: + description: |- + iscsiInterface is the interface Name that uses an iSCSI transport. + Defaults to 'default' (tcp). + type: string + lun: + description: lun represents iSCSI Target Lun number. + format: int32 + type: integer + portals: + description: |- + portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port + is other than default (typically TCP ports 860 and 3260). + items: + type: string + type: array + readOnly: + description: |- + readOnly here will force the ReadOnly setting in VolumeMounts. + Defaults to false. + type: boolean + secretRef: + description: secretRef is the CHAP Secret for iSCSI + target and initiator authentication + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + description: |- + targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port + is other than default (typically TCP ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: |- + name of the volume. + Must be a DNS_LABEL and unique within the pod. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + nfs: + description: |- + nfs represents an NFS mount on the host that shares a pod's lifetime + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + properties: + path: + description: |- + path that is exported by the NFS server. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + type: string + readOnly: + description: |- + readOnly here will force the NFS export to be mounted with read-only permissions. + Defaults to false. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + type: boolean + server: + description: |- + server is the hostname or IP address of the NFS server. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: |- + persistentVolumeClaimVolumeSource represents a reference to a + PersistentVolumeClaim in the same namespace. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + claimName: + description: |- + claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + type: string + readOnly: + description: |- + readOnly Will force the ReadOnly setting in VolumeMounts. + Default false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: photonPersistentDisk represents a PhotonController + persistent disk attached and mounted on kubelets host + machine + properties: + fsType: + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + type: string + pdID: + description: pdID is the ID that identifies Photon + Controller persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: portworxVolume represents a portworx volume + attached and mounted on kubelets host machine + properties: + fsType: + description: |- + fSType represents the filesystem type to mount + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. + type: string + readOnly: + description: |- + readOnly defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + volumeID: + description: volumeID uniquely identifies a Portworx + volume + type: string + required: + - volumeID + type: object + projected: + description: projected items for all in one resources + secrets, configmaps, and downward API + properties: + defaultMode: + description: |- + defaultMode are the mode bits used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + Directories within the path are not affected by this setting. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + sources: + description: sources is the list of volume projections + items: + description: Projection that may be projected + along with other supported volume types + properties: + clusterTrustBundle: + description: |- + ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + of ClusterTrustBundle objects in an auto-updating file. + + + Alpha, gated by the ClusterTrustBundleProjection feature gate. + + + ClusterTrustBundle objects can either be selected by name, or by the + combination of signer name and a label selector. + + + Kubelet performs aggressive normalization of the PEM contents written + into the pod filesystem. Esoteric PEM features such as inter-block + comments and block headers are stripped. Certificates are deduplicated. + The ordering of certificates within the file is arbitrary, and Kubelet + may change the order over time. + properties: + labelSelector: + description: |- + Select all ClusterTrustBundles that match this label selector. Only has + effect if signerName is set. Mutually-exclusive with name. If unset, + interpreted as "match nothing". If set but empty, interpreted as "match + everything". + properties: + matchExpressions: + description: matchExpressions is a + list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + name: + description: |- + Select a single ClusterTrustBundle by object name. Mutually-exclusive + with signerName and labelSelector. + type: string + optional: + description: |- + If true, don't block pod startup if the referenced ClusterTrustBundle(s) + aren't available. If using name, then the named ClusterTrustBundle is + allowed not to exist. If using signerName, then the combination of + signerName and labelSelector is allowed to match zero + ClusterTrustBundles. + type: boolean + path: + description: Relative path from the volume + root to write the bundle. + type: string + signerName: + description: |- + Select all ClusterTrustBundles that match this signer name. + Mutually-exclusive with name. The contents of all selected + ClusterTrustBundles will be unified and deduplicated. + type: string + required: + - path + type: object + configMap: + description: configMap information about the + configMap data to project + properties: + items: + description: |- + items if unspecified, each key-value pair in the Data field of the referenced + ConfigMap will be projected into the volume as a file whose name is the + key and content is the value. If specified, the listed keys will be + projected into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in the ConfigMap, + the volume setup will error unless it is marked optional. Paths must be + relative and may not contain the '..' path or start with '..'. + items: + description: Maps a string key to a + path within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + path: + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: optional specify whether + the ConfigMap or its keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + description: downwardAPI information about + the downwardAPI data to project + properties: + items: + description: Items is a list of DownwardAPIVolume + file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing + the pod field + properties: + fieldRef: + description: 'Required: Selects + a field of the pod: only annotations, + labels, name and namespace are + supported.' + properties: + apiVersion: + description: Version of the + schema the FieldPath is written + in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field + to select in the specified + API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: |- + Optional: mode bits used to set permissions on this file, must be an octal value + between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + path: + description: 'Required: Path is the + relative path name of the file + to be created. Must not be absolute + or contain the ''..'' path. Must + be utf-8 encoded. The first item + of the relative path must not + start with ''..''' + type: string + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + properties: + containerName: + description: 'Container name: + required for volumes, optional + for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource + to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + description: secret information about the + secret data to project + properties: + items: + description: |- + items if unspecified, each key-value pair in the Data field of the referenced + Secret will be projected into the volume as a file whose name is the + key and content is the value. If specified, the listed keys will be + projected into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in the Secret, + the volume setup will error unless it is marked optional. Paths must be + relative and may not contain the '..' path or start with '..'. + items: + description: Maps a string key to a + path within a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + path: + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: optional field specify whether + the Secret or its key must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + description: serviceAccountToken is information + about the serviceAccountToken data to project + properties: + audience: + description: |- + audience is the intended audience of the token. A recipient of a token + must identify itself with an identifier specified in the audience of the + token, and otherwise should reject the token. The audience defaults to the + identifier of the apiserver. + type: string + expirationSeconds: + description: |- + expirationSeconds is the requested duration of validity of the service + account token. As the token approaches expiration, the kubelet volume + plugin will proactively rotate the service account token. The kubelet will + start trying to rotate the token if the token is older than 80 percent of + its time to live or if the token is older than 24 hours.Defaults to 1 hour + and must be at least 10 minutes. + format: int64 + type: integer + path: + description: |- + path is the path relative to the mount point of the file to project the + token into. + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + description: quobyte represents a Quobyte mount on the + host that shares a pod's lifetime + properties: + group: + description: |- + group to map volume access to + Default is no group + type: string + readOnly: + description: |- + readOnly here will force the Quobyte volume to be mounted with read-only permissions. + Defaults to false. + type: boolean + registry: + description: |- + registry represents a single or multiple Quobyte Registry services + specified as a string as host:port pair (multiple entries are separated with commas) + which acts as the central registry for volumes + type: string + tenant: + description: |- + tenant owning the given Quobyte volume in the Backend + Used with dynamically provisioned Quobyte volumes, value is set by the plugin + type: string + user: + description: |- + user to map volume access to + Defaults to serivceaccount user + type: string + volume: + description: volume is a string that references + an already created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: |- + rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + More info: https://examples.k8s.io/volumes/rbd/README.md + properties: + fsType: + description: |- + fsType is the filesystem type of the volume that you want to mount. + Tip: Ensure that the filesystem type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from compromising the machine + type: string + image: + description: |- + image is the rados image name. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + type: string + keyring: + description: |- + keyring is the path to key ring for RBDUser. + Default is /etc/ceph/keyring. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + type: string + monitors: + description: |- + monitors is a collection of Ceph monitors. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + items: + type: string + type: array + pool: + description: |- + pool is the rados pool name. + Default is rbd. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + type: string + readOnly: + description: |- + readOnly here will force the ReadOnly setting in VolumeMounts. + Defaults to false. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + type: boolean + secretRef: + description: |- + secretRef is name of the authentication secret for RBDUser. If provided + overrides keyring. + Default is nil. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: |- + user is the rados user name. + Default is admin. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + type: string + required: + - image + - monitors + type: object + scaleIO: + description: scaleIO represents a ScaleIO persistent + volume attached and mounted on Kubernetes nodes. + properties: + fsType: + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". + Default is "xfs". + type: string + gateway: + description: gateway is the host address of the + ScaleIO API Gateway. + type: string + protectionDomain: + description: protectionDomain is the name of the + ScaleIO Protection Domain for the configured storage. + type: string + readOnly: + description: |- + readOnly Defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: |- + secretRef references to the secret for ScaleIO user and other + sensitive information. If this is not provided, Login operation will fail. + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + description: sslEnabled Flag enable/disable SSL + communication with Gateway, default false + type: boolean + storageMode: + description: |- + storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. + Default is ThinProvisioned. + type: string + storagePool: + description: storagePool is the ScaleIO Storage + Pool associated with the protection domain. + type: string + system: + description: system is the name of the storage system + as configured in ScaleIO. + type: string + volumeName: + description: |- + volumeName is the name of a volume already created in the ScaleIO system + that is associated with this volume source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: |- + secret represents a secret that should populate this volume. + More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + properties: + defaultMode: + description: |- + defaultMode is Optional: mode bits used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values + for mode bits. Defaults to 0644. + Directories within the path are not affected by this setting. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + items: + description: |- + items If unspecified, each key-value pair in the Data field of the referenced + Secret will be projected into the volume as a file whose name is the + key and content is the value. If specified, the listed keys will be + projected into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in the Secret, + the volume setup will error unless it is marked optional. Paths must be + relative and may not contain the '..' path or start with '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + path: + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: optional field specify whether the + Secret or its keys must be defined + type: boolean + secretName: + description: |- + secretName is the name of the secret in the pod's namespace to use. + More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + type: string + type: object + storageos: + description: storageOS represents a StorageOS volume + attached and mounted on Kubernetes nodes. + properties: + fsType: + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + type: string + readOnly: + description: |- + readOnly defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: |- + secretRef specifies the secret to use for obtaining the StorageOS API + credentials. If not specified, default values will be attempted. + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + description: |- + volumeName is the human-readable name of the StorageOS volume. Volume + names are only unique within a namespace. + type: string + volumeNamespace: + description: |- + volumeNamespace specifies the scope of the volume within StorageOS. If no + namespace is specified then the Pod's namespace will be used. This allows the + Kubernetes name scoping to be mirrored within StorageOS for tighter integration. + Set VolumeName to any name to override the default behaviour. + Set to "default" if you are not using namespaces within StorageOS. + Namespaces that do not pre-exist within StorageOS will be created. + type: string + type: object + vsphereVolume: + description: vsphereVolume represents a vSphere volume + attached and mounted on kubelets host machine + properties: + fsType: + description: |- + fsType is filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + type: string + storagePolicyID: + description: storagePolicyID is the storage Policy + Based Management (SPBM) profile ID associated + with the StoragePolicyName. + type: string + storagePolicyName: + description: storagePolicyName is the storage Policy + Based Management (SPBM) profile name. + type: string + volumePath: + description: volumePath is the path that identifies + vSphere volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + required: + - containers + type: object + type: object + traits: + description: the traits needed to run this Integration + properties: + 3scale: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + addons: + additionalProperties: + description: AddonTrait represents the configuration of an addon + trait. + type: object + x-kubernetes-preserve-unknown-fields: true + description: The extension point with addon traits + type: object + affinity: + description: The configuration of Affinity trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + nodeAffinityLabels: + description: Defines a set of nodes the integration pod(s) + are eligible to be scheduled on, based on labels on the + node. + items: + type: string + type: array + podAffinity: + description: Always co-locates multiple replicas of the integration + in the same node (default `false`). + type: boolean + podAffinityLabels: + description: |- + Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the + integration pod(s) should be co-located with. + items: + type: string + type: array + podAntiAffinity: + description: Never co-locates multiple replicas of the integration + in the same node (default `false`). + type: boolean + podAntiAffinityLabels: + description: |- + Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the + integration pod(s) should not be co-located with. + items: + type: string + type: array + type: object + builder: + description: The configuration of Builder trait + properties: + annotations: + additionalProperties: + type: string + description: When using `pod` strategy, annotation to use + for the builder pod. + type: object + baseImage: + description: |- + Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK + installed and ready to use on path (ie `/usr/bin/java`). + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + incrementalImageBuild: + description: Use the incremental image build option, to reuse + existing containers (default `true`) + type: boolean + limitCPU: + description: |- + When using `pod` strategy, the maximum amount of CPU required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + limitMemory: + description: |- + When using `pod` strategy, the maximum amount of memory required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + mavenProfiles: + description: |- + A list of references pointing to configmaps/secrets that contains a maven profile. + This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit. + The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM. + Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml). + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: Defines a set of nodes the builder pod is eligible + to be scheduled on, based on labels on the node. + type: object + orderStrategy: + description: The build order strategy to use, either `dependencies`, + `fifo` or `sequential` (default is the platform default) + enum: + - dependencies + - fifo + - sequential + type: string + platforms: + description: The list of manifest platforms to use to build + a container image (default `linux/amd64`). + items: + type: string + type: array + properties: + description: A list of properties to be provided to the build + task + items: + type: string + type: array + requestCPU: + description: |- + When using `pod` strategy, the minimum amount of CPU required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + requestMemory: + description: |- + When using `pod` strategy, the minimum amount of memory required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + strategy: + description: The strategy to use, either `pod` or `routine` + (default `routine`) + enum: + - pod + - routine + type: string + tasks: + description: A list of tasks to be executed (available only + when using `pod` strategy) with format `;;`. + items: + type: string + type: array + tasksFilter: + description: |- + A list of tasks sorted by the order of execution in a csv format, ie, `,,...`. + Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`) + if you need to execute them. Useful only with `pod` strategy. + type: string + tasksLimitCPU: + description: A list of limit cpu configuration for the specific + task with format `:`. + items: + type: string + type: array + tasksLimitMemory: + description: A list of limit memory configuration for the + specific task with format `:`. + items: + type: string + type: array + tasksRequestCPU: + description: A list of request cpu configuration for the specific + task with format `:`. + items: + type: string + type: array + tasksRequestMemory: + description: A list of request memory configuration for the + specific task with format `:`. + items: + type: string + type: array + verbose: + description: |- + Enable verbose logging on build components that support it (e.g. Kaniko build pod). + Deprecated no longer in use + type: boolean + type: object + camel: + description: The configuration of Camel trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + properties: + description: A list of properties to be provided to the Integration + runtime + items: + type: string + type: array + runtimeVersion: + description: |- + The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform. + You can use a fixed version (for example "3.2.3") or a semantic version (for example "3.x") which will try to resolve + to the best matching Catalog existing on the cluster. + type: string + type: object + container: + description: The configuration of Container trait + properties: + allowPrivilegeEscalation: + description: Security Context AllowPrivilegeEscalation configuration + (default false). + type: boolean + auto: + description: To automatically enable the trait + type: boolean + capabilitiesAdd: + description: Security Context Capabilities Add configuration + (default none). + items: + description: Capability represent POSIX capabilities type + type: string + type: array + capabilitiesDrop: + description: Security Context Capabilities Drop configuration + (default ALL). + items: + description: Capability represent POSIX capabilities type + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + expose: + description: Can be used to enable/disable exposure via kubernetes + Service. + type: boolean + image: + description: |- + The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which + won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead + Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an "external" IntegrationKit. + type: string + imagePullPolicy: + description: 'The pull policy: Always|Never|IfNotPresent' + enum: + - Always + - Never + - IfNotPresent + type: string + limitCPU: + description: The maximum amount of CPU to be provided (default + 500 millicores). + type: string + limitMemory: + description: The maximum amount of memory to be provided (default + 512 Mi). + type: string + name: + description: The main container name. It's named `integration` + by default. + type: string + port: + description: To configure a different port exposed by the + container (default `8080`). + type: integer + portName: + description: To configure a different port name for the port + exposed by the container. It defaults to `http` only when + the `expose` parameter is true. + type: string + requestCPU: + description: The minimum amount of CPU required (default 125 + millicores). + type: string + requestMemory: + description: The minimum amount of memory required (default + 128 Mi). + type: string + runAsNonRoot: + description: Security Context RunAsNonRoot configuration (default + false). + type: boolean + runAsUser: + description: 'Security Context RunAsUser configuration (default + none): this value is automatically retrieved in Openshift + clusters when not explicitly set.' + format: int64 + type: integer + seccompProfileType: + description: Security Context SeccompProfileType configuration + (default RuntimeDefault). + enum: + - Unconfined + - RuntimeDefault + type: string + servicePort: + description: To configure under which service port the container + port is to be exposed (default `80`). + type: integer + servicePortName: + description: To configure under which service port name the + container port is to be exposed (default `http`). + type: string + type: object + cron: + description: The configuration of Cron trait + properties: + activeDeadlineSeconds: + description: |- + Specifies the duration in seconds, relative to the start time, that the job + may be continuously active before it is considered to be failed. + It defaults to 60s. + format: int64 + type: integer + auto: + description: |- + Automatically deploy the integration as CronJob when all routes are + either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer). + + + It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`, + while `35m` or `50s` cannot). + type: boolean + backoffLimit: + description: |- + Specifies the number of retries before marking the job failed. + It defaults to 2. + format: int32 + type: integer + components: + description: |- + A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes. + Supported components are currently: `cron`, `timer` and `quartz`. + type: string + concurrencyPolicy: + description: |- + Specifies how to treat concurrent executions of a Job. + Valid values are: + - "Allow": allows CronJobs to run concurrently; + - "Forbid" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet; + - "Replace": cancels currently running job and replaces it with a new one + enum: + - Allow + - Forbid + - Replace + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + fallback: + description: |- + Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration + as Kubernetes CronJob. + type: boolean + schedule: + description: |- + The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this + mechanism to work correctly. + type: string + startingDeadlineSeconds: + description: |- + Optional deadline in seconds for starting the job if it misses scheduled + time for any reason. Missed jobs executions will be counted as failed ones. + format: int64 + type: integer + timeZone: + description: The timezone that the CronJob will run on + type: string + type: object + dependencies: + description: The configuration of Dependencies trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + type: object + deployer: + description: The configuration of Deployer trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + kind: + description: Allows to explicitly select the desired deployment + kind between `deployment`, `cron-job` or `knative-service` + when creating the resources for running the integration. + enum: + - deployment + - cron-job + - knative-service + type: string + useSSA: + description: |- + Deprecated: won't be able to enforce client side update in the future. + Use server-side apply to update the owned resources (default `true`). + Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters. + type: boolean + type: object + deployment: + description: The configuration of Deployment trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + progressDeadlineSeconds: + description: |- + The maximum time in seconds for the deployment to make progress before it + is considered to be failed. It defaults to `60s`. + format: int32 + type: integer + rollingUpdateMaxSurge: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be scheduled above the desired number of + pods. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + This can not be 0 if MaxUnavailable is 0. + Absolute number is calculated from percentage by rounding up. + Defaults to `25%`. + x-kubernetes-int-or-string: true + rollingUpdateMaxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be unavailable during the update. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + Absolute number is calculated from percentage by rounding down. + This can not be 0 if MaxSurge is 0. + Defaults to `25%`. + x-kubernetes-int-or-string: true + strategy: + description: The deployment strategy to use to replace existing + pods with new ones. + enum: + - Recreate + - RollingUpdate + type: string + type: object + environment: + description: The configuration of Environment trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + containerMeta: + description: Enables injection of `NAMESPACE` and `POD_NAME` + environment variables (default `true`) + type: boolean + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + httpProxy: + description: Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and + `NO_PROXY` environment variables (default `true`) + type: boolean + vars: + description: |- + A list of environment variables to be added to the integration container. + The syntax is either VAR=VALUE or VAR=[configmap|secret]:name/key, where name represents the resource name, + and key represents the resource key to be mapped as and environment variable. + These take precedence over any previously defined environment variables. + items: + type: string + type: array + type: object + error-handler: + description: The configuration of Error Handler trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + ref: + description: The error handler ref name provided or found + in application properties + type: string + type: object + gc: + description: The configuration of GC trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + discoveryCache: + description: |- + Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`). + Deprecated: to be removed from trait configuration. + enum: + - disabled + - disk + - memory + type: string + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + type: object + health: + description: The configuration of Health trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + livenessFailureThreshold: + description: Minimum consecutive failures for the liveness + probe to be considered failed after having succeeded. + format: int32 + type: integer + livenessInitialDelay: + description: Number of seconds after the container has started + before the liveness probe is initiated. + format: int32 + type: integer + livenessPeriod: + description: How often to perform the liveness probe. + format: int32 + type: integer + livenessProbe: + description: The liveness probe path to use (default provided + by the Catalog runtime used). + type: string + livenessProbeEnabled: + description: Configures the liveness probe for the integration + container (default `false`). + type: boolean + livenessScheme: + description: Scheme to use when connecting to the liveness + probe (default `HTTP`). + type: string + livenessSuccessThreshold: + description: Minimum consecutive successes for the liveness + probe to be considered successful after having failed. + format: int32 + type: integer + livenessTimeout: + description: Number of seconds after which the liveness probe + times out. + format: int32 + type: integer + readinessFailureThreshold: + description: Minimum consecutive failures for the readiness + probe to be considered failed after having succeeded. + format: int32 + type: integer + readinessInitialDelay: + description: Number of seconds after the container has started + before the readiness probe is initiated. + format: int32 + type: integer + readinessPeriod: + description: How often to perform the readiness probe. + format: int32 + type: integer + readinessProbe: + description: The readiness probe path to use (default provided + by the Catalog runtime used). + type: string + readinessProbeEnabled: + description: Configures the readiness probe for the integration + container (default `true`). + type: boolean + readinessScheme: + description: Scheme to use when connecting to the readiness + probe (default `HTTP`). + type: string + readinessSuccessThreshold: + description: Minimum consecutive successes for the readiness + probe to be considered successful after having failed. + format: int32 + type: integer + readinessTimeout: + description: Number of seconds after which the readiness probe + times out. + format: int32 + type: integer + startupFailureThreshold: + description: Minimum consecutive failures for the startup + probe to be considered failed after having succeeded. + format: int32 + type: integer + startupInitialDelay: + description: Number of seconds after the container has started + before the startup probe is initiated. + format: int32 + type: integer + startupPeriod: + description: How often to perform the startup probe. + format: int32 + type: integer + startupProbe: + description: The startup probe path to use (default provided + by the Catalog runtime used). + type: string + startupProbeEnabled: + description: Configures the startup probe for the integration + container (default `false`). + type: boolean + startupScheme: + description: Scheme to use when connecting to the startup + probe (default `HTTP`). + type: string + startupSuccessThreshold: + description: Minimum consecutive successes for the startup + probe to be considered successful after having failed. + format: int32 + type: integer + startupTimeout: + description: Number of seconds after which the startup probe + times out. + format: int32 + type: integer + type: object + ingress: + description: The configuration of Ingress trait + properties: + annotations: + additionalProperties: + type: string + description: |- + The annotations added to the ingress. + This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller: + See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md + type: object + auto: + description: To automatically add an ingress whenever the + integration uses an HTTP endpoint consumer. + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + host: + description: To configure the host exposed by the ingress. + type: string + ingressClassName: + description: |- + The Ingress class name as defined by the Ingress spec + See https://kubernetes.io/docs/concepts/services-networking/ingress/ + type: string + path: + description: To configure the path exposed by the ingress + (default `/`). + type: string + pathType: + description: |- + To configure the path type exposed by the ingress. + One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`). + enum: + - Exact + - Prefix + - ImplementationSpecific + type: string + tlsHosts: + description: To configure tls hosts + items: + type: string + type: array + tlsSecretName: + description: To configure tls secret name + type: string + type: object + istio: + description: The configuration of Istio trait + properties: + allow: + description: Configures a (comma-separated) list of CIDR subnets + that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16` + by default). + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + inject: + description: Forces the value for labels `sidecar.istio.io/inject`. + By default the label is set to `true` on deployment and + not set on Knative Service. + type: boolean + type: object + jolokia: + description: The configuration of Jolokia trait + properties: + CACert: + description: |- + The PEM encoded CA certification file path, used to verify client certificates, + applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` + (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift). + type: string + clientPrincipal: + description: |- + The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint, + applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` + (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift). + items: + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + discoveryEnabled: + description: Listen for multicast requests (default `false`) + type: boolean + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + extendedClientCheck: + description: |- + Mandate the client certificate contains a client flag in the extended key usage section, + applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` + (default `true` for OpenShift). + type: boolean + host: + description: |- + The Host address to which the Jolokia agent should bind to. If `"\*"` or `"0.0.0.0"` is given, + the servers binds to every network interface (default `"*"`). + type: string + options: + description: |- + A list of additional Jolokia options as defined + in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options] + items: + type: string + type: array + password: + description: The password used for authentication, applicable + when the `user` option is set. + type: string + port: + description: The Jolokia endpoint port (default `8778`). + type: integer + protocol: + description: The protocol to use, either `http` or `https` + (default `https` for OpenShift) + type: string + useSSLClientAuthentication: + description: Whether client certificates should be used for + authentication (default `true` for OpenShift). + type: boolean + user: + description: The user to be used for authentication + type: string + type: object + jvm: + description: The configuration of JVM trait + properties: + classpath: + description: Additional JVM classpath (use `Linux` classpath + separator) + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + debug: + description: Activates remote debugging, so that a debugger + can be attached to the JVM, e.g., using port-forwarding + type: boolean + debugAddress: + description: Transport address at which to listen for the + newly launched JVM (default `*:5005`) + type: string + debugSuspend: + description: Suspends the target JVM immediately before the + main class is loaded + type: boolean + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + jar: + description: The Jar dependency which will run the application. + Leave it empty for managed Integrations. + type: string + options: + description: A list of JVM options + items: + type: string + type: array + printCommand: + description: |- + Prints the command used the start the JVM in the container logs (default `true`) + Deprecated: no longer in use. + type: boolean + type: object + kamelets: + description: The configuration of Kamelets trait + properties: + auto: + description: Automatically inject all referenced Kamelets + and their default configuration (enabled by default) + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + list: + description: Comma separated list of Kamelet names to load + into the current integration + type: string + mountPoint: + description: The directory where the application mounts and + reads Kamelet spec (default `/etc/camel/kamelets`) + type: string + type: object + keda: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + knative: + description: The configuration of Knative trait + properties: + auto: + description: Enable automatic discovery of all trait properties. + type: boolean + channelSinks: + description: |- + List of channels used as destination of integration routes. + Can contain simple channel names or full Camel URIs. + items: + type: string + type: array + channelSources: + description: |- + List of channels used as source of integration routes. + Can contain simple channel names or full Camel URIs. + items: + type: string + type: array + config: + description: Can be used to inject a Knative complete configuration + in JSON format. + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + endpointSinks: + description: |- + List of endpoints used as destination of integration routes. + Can contain simple endpoint names or full Camel URIs. + items: + type: string + type: array + endpointSources: + description: List of channels used as source of integration + routes. + items: + type: string + type: array + eventSinks: + description: |- + List of event types that the integration will produce. + Can contain simple event types or full Camel URIs (to use a specific broker). + items: + type: string + type: array + eventSources: + description: |- + List of event types that the integration will be subscribed to. + Can contain simple event types or full Camel URIs (to use a specific broker different from "default"). + items: + type: string + type: array + filterEventType: + description: |- + Enables the default filtering for the Knative trigger using the event type + If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true) + type: boolean + filterSourceChannels: + description: |- + Enables filtering on events based on the header "ce-knativehistory". Since this header has been removed in newer versions of + Knative, filtering is disabled by default. + type: boolean + filters: + description: |- + Sets filter attributes on the event stream (such as event type, source, subject and so on). + A list of key-value pairs that represent filter attributes and its values. + The syntax is KEY=VALUE, e.g., `source="my.source"`. + Filter attributes get set on the Knative trigger that is being created as part of this integration. + items: + type: string + type: array + namespaceLabel: + description: |- + Enables the camel-k-operator to set the "bindings.knative.dev/include=true" label to the namespace + As Knative requires this label to perform injection of K_SINK URL into the service. + If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true) + type: boolean + sinkBinding: + description: |- + Allows binding the integration to a sink via a Knative SinkBinding resource. + This can be used when the integration targets a single sink. + It's enabled by default when the integration targets a single sink + (except when the integration is owned by a Knative source). + type: boolean + type: object + knative-service: + description: The configuration of Knative Service trait + properties: + annotations: + additionalProperties: + type: string + description: |- + The annotations added to route. + This can be used to set knative service specific annotations + CLI usage example: -t "knative-service.annotations.'haproxy.router.openshift.io/balance'=true" + type: object + auto: + description: |- + Automatically deploy the integration as Knative service when all conditions hold: + + + * Integration is using the Knative profile + * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer) + type: boolean + autoscalingMetric: + description: |- + Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling). + + + Refer to the Knative documentation for more information. + type: string + autoscalingTarget: + description: |- + Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod. + + + Refer to the Knative documentation for more information. + type: integer + class: + description: |- + Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling). + + + Refer to the Knative documentation for more information. + enum: + - kpa.autoscaling.knative.dev + - hpa.autoscaling.knative.dev + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + maxScale: + description: |- + An upper bound for the number of Pods that can be running in parallel for the integration. + Knative has its own cap value that depends on the installation. + + + Refer to the Knative documentation for more information. + type: integer + minScale: + description: |- + The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that + the integration is scaled down to zero when not used for a configured amount of time. + + + Refer to the Knative documentation for more information. + type: integer + rolloutDuration: + description: |- + Enables to gradually shift traffic to the latest Revision and sets the rollout duration. + It's disabled by default and must be expressed as a Golang `time.Duration` string representation, + rounded to a second precision. + type: string + timeoutSeconds: + description: |- + The maximum duration in seconds that the request instance is allowed to respond to a request. + This field propagates to the integration pod's terminationGracePeriodSeconds + + + Refer to the Knative documentation for more information. + format: int64 + type: integer + visibility: + description: |- + Setting `cluster-local`, Knative service becomes a private service. + Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service. + + + Refer to the Knative documentation for more information. + enum: + - cluster-local + type: string + type: object + logging: + description: The configuration of Logging trait + properties: + color: + description: Colorize the log output + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + format: + description: Logs message format + type: string + json: + description: Output the logs in JSON + type: boolean + jsonPrettyPrint: + description: Enable "pretty printing" of the JSON logs + type: boolean + level: + description: Adjust the logging level (defaults to `INFO`) + enum: + - FATAL + - WARN + - INFO + - DEBUG + - TRACE + type: string + type: object + master: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + mount: + description: The configuration of Mount trait + properties: + configs: + description: |- + A list of configuration pointing to configmap/secret. + The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files. + They are also made available on the classpath in order to ease their usage directly from the Route. + Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered + items: + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + emptyDirs: + description: |- + A list of EmptyDir volumes to be mounted. An optional size limit may be configured (default 500Mi). + Syntax: name:/container/path[:sizeLimit] + items: + type: string + type: array + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + hotReload: + description: |- + Enable "hot reload" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be + marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for + changes in metadata. + type: boolean + resources: + description: |- + A list of resources (text or binary content) pointing to configmap/secret. + The resources are expected to be any resource type (text or binary content). + The destination path can be either a default location or any path specified by the user. + Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path + items: + type: string + type: array + scanKameletsImplicitLabelSecrets: + description: 'Deprecated: no longer available since version + 2.5.' + type: boolean + volumes: + description: |- + A list of Persistent Volume Claims to be mounted. Syntax: [pvcname:/container/path]. If the PVC is not found, the Integration fails. + You can use the syntax [pvcname:/container/path:size:accessMode<:storageClass>] to create a dynamic PVC based on the Storage Class provided + or the default cluster Storage Class. However, if the PVC exists, the operator would mount it. + items: + type: string + type: array + type: object + openapi: + description: The configuration of OpenAPI trait + properties: + configmaps: + description: The configmaps holding the spec of the OpenAPI + (compatible with > 3.0 spec only). + items: + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + type: object + owner: + description: The configuration of Owner trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + targetAnnotations: + description: The set of annotations to be transferred + items: + type: string + type: array + targetLabels: + description: The set of labels to be transferred + items: + type: string + type: array + type: object + pdb: + description: The configuration of PDB trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + maxUnavailable: + description: |- + The number of pods for the Integration that can be unavailable after an eviction. + It can be either an absolute number or a percentage (default `1` if `min-available` is also not set). + Only one of `max-unavailable` and `min-available` can be specified. + type: string + minAvailable: + description: |- + The number of pods for the Integration that must still be available after an eviction. + It can be either an absolute number or a percentage. + Only one of `min-available` and `max-unavailable` can be specified. + type: string + type: object + platform: + description: The configuration of Platform trait + properties: + auto: + description: |- + To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set). + Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + createDefault: + description: |- + To create a default (empty) platform when the platform is missing. + Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility + type: boolean + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + global: + description: |- + Indicates if the platform should be created globally in the case of global operator (default true). + Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility + type: boolean + type: object + pod: + description: The configuration of Pod trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + type: object + prometheus: + description: The configuration of Prometheus trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + podMonitor: + description: Whether a `PodMonitor` resource is created (default + `true`). + type: boolean + podMonitorLabels: + description: The `PodMonitor` resource labels, applicable + when `pod-monitor` is `true`. + items: + type: string + type: array + type: object + pull-secret: + description: The configuration of Pull Secret trait + properties: + auto: + description: Automatically configures the platform registry + secret on the pod if it is of type `kubernetes.io/dockerconfigjson`. + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + imagePullerDelegation: + description: When using a global operator with a shared platform, + this enables delegation of the `system:image-puller` cluster + role on the operator namespace to the integration service + account. + type: boolean + secretName: + description: The pull secret name to set on the Pod. If left + empty this is automatically taken from the `IntegrationPlatform` + registry configuration. + type: string + type: object + quarkus: + description: The configuration of Quarkus trait + properties: + buildMode: + description: |- + The Quarkus mode to run: either `jvm` or `native` (default `jvm`). + In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created, + with the `native` kit having precedence over the `jvm` one once ready. + items: + description: QuarkusMode is the type of Quarkus build packaging. + enum: + - jvm + - native + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + nativeBaseImage: + description: The base image to use when running a native build + (default `quay.io/quarkus/quarkus-micro-image:2.0`) + type: string + nativeBuilderImage: + description: The image containing the tooling required for + a native build (by default it will use the one provided + in the runtime catalog) + type: string + packageTypes: + description: |- + The Quarkus package types, `fast-jar` or `native` (default `fast-jar`). + In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created, + with the native kit having precedence over the `fast-jar` one once ready. + The order influences the resolution of the current kit for the integration. + The kit corresponding to the first package type will be assigned to the + integration in case no existing kit that matches the integration exists. + Deprecated: use `build-mode` instead. + items: + description: |- + QuarkusPackageType is the type of Quarkus build packaging. + Deprecated: use `QuarkusMode` instead. + enum: + - fast-jar + - native + type: string + type: array + type: object + registry: + description: |- + The configuration of Registry trait (support removed since version 2.5.0). + Deprecated: use jvm trait or read documentation. + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + type: object + route: + description: The configuration of Route trait + properties: + annotations: + additionalProperties: + type: string + description: |- + The annotations added to route. + This can be used to set route specific annotations + For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations + CLI usage example: -t "route.annotations.'haproxy.router.openshift.io/balance'=true" + type: object + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + host: + description: To configure the host exposed by the route. + type: string + tlsCACertificate: + description: |- + The TLS CA certificate contents. + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsCACertificateSecret: + description: |- + The secret name and key reference to the TLS CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/". + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsCertificate: + description: |- + The TLS certificate contents. + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsCertificateSecret: + description: |- + The secret name and key reference to the TLS certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/". + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsDestinationCACertificate: + description: |- + The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt + termination this file should be provided in order to have routers use it for health checks on the secure connection. + If this field is not specified, the router may provide its own destination CA and perform hostname validation using + the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically + verify. + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsDestinationCACertificateSecret: + description: |- + The secret name and key reference to the destination CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/". + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsInsecureEdgeTerminationPolicy: + description: |- + To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic. + + + Refer to the OpenShift route documentation for additional information. + enum: + - None + - Allow + - Redirect + type: string + tlsKey: + description: |- + The TLS certificate key contents. + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsKeySecret: + description: |- + The secret name and key reference to the TLS certificate key. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/". + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsTermination: + description: |- + The TLS termination type, like `edge`, `passthrough` or `reencrypt`. + + + Refer to the OpenShift route documentation for additional information. + enum: + - edge + - reencrypt + - passthrough + type: string + type: object + security-context: + description: The configuration of Security Context trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + runAsNonRoot: + description: Security Context RunAsNonRoot configuration (default + false). + type: boolean + runAsUser: + description: 'Security Context RunAsUser configuration (default + none): this value is automatically retrieved in Openshift + clusters when not explicitly set.' + format: int64 + type: integer + seccompProfileType: + description: Security Context SeccompProfileType configuration + (default RuntimeDefault). + enum: + - Unconfined + - RuntimeDefault + type: string + type: object + service: + description: The configuration of Service trait + properties: + annotations: + additionalProperties: + type: string + description: The annotations added to the Service object. + type: object + auto: + description: To automatically detect from the code if a Service + needs to be created. + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + labels: + additionalProperties: + type: string + description: The labels added to the Service object. + type: object + nodePort: + description: |- + Enable Service to be exposed as NodePort (default `false`). + Deprecated: Use service type instead. + type: boolean + type: + description: The type of service to be used, either 'ClusterIP', + 'NodePort' or 'LoadBalancer'. + enum: + - ClusterIP + - NodePort + - LoadBalancer + type: string + type: object + service-binding: + description: The configuration of Service Binding trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + services: + description: List of Services in the form [[apigroup/]version:]kind:[namespace/]name + items: + type: string + type: array + type: object + strimzi: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + telemetry: + description: The configuration of Telemetry trait + properties: + auto: + description: Enables automatic configuration of the trait, + including automatic discovery of the telemetry endpoint. + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + endpoint: + description: The target endpoint of the Telemetry service + (automatically discovered by default) + type: string + sampler: + description: The sampler of the telemetry used for tracing + (default "on") + type: string + sampler-parent-based: + description: The sampler of the telemetry used for tracing + is parent based (default "true") + type: boolean + sampler-ratio: + description: The sampler ratio of the telemetry used for tracing + type: string + serviceName: + description: The name of the service that publishes telemetry + data (defaults to the integration name) + type: string + type: object + toleration: + description: The configuration of Toleration trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + taints: + description: The list of taints to tolerate, in the form `Key[=Value]:Effect[:Seconds]` + items: + type: string + type: array + type: object + tracing: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + type: object + type: object + status: + description: the status of the Integration + properties: + capabilities: + description: features offered by the Integration + items: + type: string + type: array + catalog: + description: the catalog used to build/operate the Integration. + properties: + provider: + description: RuntimeProvider is the provider chosen for the runtime. + type: string + version: + type: string + type: object + conditions: + description: a list of events happened for the Integration + items: + description: IntegrationCondition describes the state of a resource + at a certain point. + properties: + firstTruthyTime: + description: First time the condition status transitioned to + True. + format: date-time + type: string + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + lastUpdateTime: + description: The last time this condition was updated. + format: date-time + type: string + message: + description: A human-readable message indicating details about + the transition. + type: string + pods: + description: Pods collect health and conditions information + from the owned PODs + items: + properties: + condition: + description: PodCondition contains details for the current + condition of this pod. + properties: + lastProbeTime: + description: Last time we probed the condition. + format: date-time + type: string + lastTransitionTime: + description: Last time the condition transitioned + from one status to another. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for + the condition's last transition. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions + type: string + required: + - status + - type + type: object + health: + items: + properties: + data: + description: |- + RawMessage is a raw encoded JSON value. + It implements Marshaler and Unmarshaler and can + be used to delay JSON decoding or precompute a JSON encoding. + x-kubernetes-preserve-unknown-fields: true + name: + type: string + status: + type: string + type: object + type: array + name: + type: string + required: + - condition + type: object + type: array + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of integration condition. + type: string + required: + - status + - type + type: object + type: array + configuration: + description: |- + Deprecated: + a list of configuration specification + items: + description: ConfigurationSpec represents a generic configuration + specification. + properties: + type: + description: 'represents the type of configuration, ie: property, + configmap, secret, ...' + type: string + value: + description: the value to assign to the configuration (syntax + may vary depending on the `Type`) + type: string + required: + - type + - value + type: object + type: array + dependencies: + description: a list of dependencies needed by the application + items: + type: string + type: array + digest: + description: the digest calculated for this Integration + type: string + generatedSources: + description: a list of sources generated for this Integration + items: + description: SourceSpec defines the configuration for one or more + routes to be executed in a certain Camel DSL language. + properties: + compression: + description: if the content is compressed (base64 encrypted) + type: boolean + content: + description: the source code (plain text) + type: string + contentKey: + description: the confimap key holding the source content + type: string + contentRef: + description: the confimap reference holding the source content + type: string + contentType: + description: the content type (tipically text or binary) + type: string + from-kamelet: + description: True if the spec is generated from a Kamelet + type: boolean + interceptors: + description: |- + Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader + uses to pre/post process sources + Deprecated: no longer in use. + items: + type: string + type: array + language: + description: specify which is the language (Camel DSL) used + to interpret this source code + type: string + loader: + description: |- + Loader is an optional id of the org.apache.camel.k.RoutesLoader that will + interpret this source at runtime + type: string + name: + description: the name of the specification + type: string + path: + description: the path where the file is stored + type: string + property-names: + description: List of property names defined in the source (e.g. + if type is "template") + items: + type: string + type: array + rawContent: + description: the source code (binary) + format: byte + type: string + type: + description: Type defines the kind of source described by this + object + type: string + type: object + type: array + image: + description: the container image used + type: string + integrationKit: + description: the reference of the `IntegrationKit` which is used for + this Integration + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + lastInitTimestamp: + description: the timestamp representing the last time when this integration + was initialized. + format: date-time + type: string + observedGeneration: + description: ObservedGeneration is the most recent generation observed + for this Integration. + format: int64 + type: integer + phase: + description: the actual phase + type: string + platform: + description: The IntegrationPlatform watching this Integration + type: string + profile: + description: the profile needed to run this Integration + type: string + replicas: + description: the number of replicas + format: int32 + type: integer + runtimeProvider: + description: the runtime provider targeted for this Integration + type: string + runtimeVersion: + description: the runtime version targeted for this Integration + type: string + selector: + description: label selector + type: string + traits: + description: the traits executed for the Integration + properties: + 3scale: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + addons: + additionalProperties: + description: AddonTrait represents the configuration of an addon + trait. + type: object + x-kubernetes-preserve-unknown-fields: true + description: The extension point with addon traits + type: object + affinity: + description: The configuration of Affinity trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + nodeAffinityLabels: + description: Defines a set of nodes the integration pod(s) + are eligible to be scheduled on, based on labels on the + node. + items: + type: string + type: array + podAffinity: + description: Always co-locates multiple replicas of the integration + in the same node (default `false`). + type: boolean + podAffinityLabels: + description: |- + Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the + integration pod(s) should be co-located with. + items: + type: string + type: array + podAntiAffinity: + description: Never co-locates multiple replicas of the integration + in the same node (default `false`). + type: boolean + podAntiAffinityLabels: + description: |- + Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the + integration pod(s) should not be co-located with. + items: + type: string + type: array + type: object + builder: + description: The configuration of Builder trait + properties: + annotations: + additionalProperties: + type: string + description: When using `pod` strategy, annotation to use + for the builder pod. + type: object + baseImage: + description: |- + Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK + installed and ready to use on path (ie `/usr/bin/java`). + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + incrementalImageBuild: + description: Use the incremental image build option, to reuse + existing containers (default `true`) + type: boolean + limitCPU: + description: |- + When using `pod` strategy, the maximum amount of CPU required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + limitMemory: + description: |- + When using `pod` strategy, the maximum amount of memory required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + mavenProfiles: + description: |- + A list of references pointing to configmaps/secrets that contains a maven profile. + This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit. + The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM. + Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml). + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: Defines a set of nodes the builder pod is eligible + to be scheduled on, based on labels on the node. + type: object + orderStrategy: + description: The build order strategy to use, either `dependencies`, + `fifo` or `sequential` (default is the platform default) + enum: + - dependencies + - fifo + - sequential + type: string + platforms: + description: The list of manifest platforms to use to build + a container image (default `linux/amd64`). + items: + type: string + type: array + properties: + description: A list of properties to be provided to the build + task + items: + type: string + type: array + requestCPU: + description: |- + When using `pod` strategy, the minimum amount of CPU required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + requestMemory: + description: |- + When using `pod` strategy, the minimum amount of memory required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + strategy: + description: The strategy to use, either `pod` or `routine` + (default `routine`) + enum: + - pod + - routine + type: string + tasks: + description: A list of tasks to be executed (available only + when using `pod` strategy) with format `;;`. + items: + type: string + type: array + tasksFilter: + description: |- + A list of tasks sorted by the order of execution in a csv format, ie, `,,...`. + Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`) + if you need to execute them. Useful only with `pod` strategy. + type: string + tasksLimitCPU: + description: A list of limit cpu configuration for the specific + task with format `:`. + items: + type: string + type: array + tasksLimitMemory: + description: A list of limit memory configuration for the + specific task with format `:`. + items: + type: string + type: array + tasksRequestCPU: + description: A list of request cpu configuration for the specific + task with format `:`. + items: + type: string + type: array + tasksRequestMemory: + description: A list of request memory configuration for the + specific task with format `:`. + items: + type: string + type: array + verbose: + description: |- + Enable verbose logging on build components that support it (e.g. Kaniko build pod). + Deprecated no longer in use + type: boolean + type: object + camel: + description: The configuration of Camel trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + properties: + description: A list of properties to be provided to the Integration + runtime + items: + type: string + type: array + runtimeVersion: + description: |- + The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform. + You can use a fixed version (for example "3.2.3") or a semantic version (for example "3.x") which will try to resolve + to the best matching Catalog existing on the cluster. + type: string + type: object + container: + description: The configuration of Container trait + properties: + allowPrivilegeEscalation: + description: Security Context AllowPrivilegeEscalation configuration + (default false). + type: boolean + auto: + description: To automatically enable the trait + type: boolean + capabilitiesAdd: + description: Security Context Capabilities Add configuration + (default none). + items: + description: Capability represent POSIX capabilities type + type: string + type: array + capabilitiesDrop: + description: Security Context Capabilities Drop configuration + (default ALL). + items: + description: Capability represent POSIX capabilities type + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + expose: + description: Can be used to enable/disable exposure via kubernetes + Service. + type: boolean + image: + description: |- + The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which + won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead + Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an "external" IntegrationKit. + type: string + imagePullPolicy: + description: 'The pull policy: Always|Never|IfNotPresent' + enum: + - Always + - Never + - IfNotPresent + type: string + limitCPU: + description: The maximum amount of CPU to be provided (default + 500 millicores). + type: string + limitMemory: + description: The maximum amount of memory to be provided (default + 512 Mi). + type: string + name: + description: The main container name. It's named `integration` + by default. + type: string + port: + description: To configure a different port exposed by the + container (default `8080`). + type: integer + portName: + description: To configure a different port name for the port + exposed by the container. It defaults to `http` only when + the `expose` parameter is true. + type: string + requestCPU: + description: The minimum amount of CPU required (default 125 + millicores). + type: string + requestMemory: + description: The minimum amount of memory required (default + 128 Mi). + type: string + runAsNonRoot: + description: Security Context RunAsNonRoot configuration (default + false). + type: boolean + runAsUser: + description: 'Security Context RunAsUser configuration (default + none): this value is automatically retrieved in Openshift + clusters when not explicitly set.' + format: int64 + type: integer + seccompProfileType: + description: Security Context SeccompProfileType configuration + (default RuntimeDefault). + enum: + - Unconfined + - RuntimeDefault + type: string + servicePort: + description: To configure under which service port the container + port is to be exposed (default `80`). + type: integer + servicePortName: + description: To configure under which service port name the + container port is to be exposed (default `http`). + type: string + type: object + cron: + description: The configuration of Cron trait + properties: + activeDeadlineSeconds: + description: |- + Specifies the duration in seconds, relative to the start time, that the job + may be continuously active before it is considered to be failed. + It defaults to 60s. + format: int64 + type: integer + auto: + description: |- + Automatically deploy the integration as CronJob when all routes are + either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer). + + + It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`, + while `35m` or `50s` cannot). + type: boolean + backoffLimit: + description: |- + Specifies the number of retries before marking the job failed. + It defaults to 2. + format: int32 + type: integer + components: + description: |- + A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes. + Supported components are currently: `cron`, `timer` and `quartz`. + type: string + concurrencyPolicy: + description: |- + Specifies how to treat concurrent executions of a Job. + Valid values are: + - "Allow": allows CronJobs to run concurrently; + - "Forbid" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet; + - "Replace": cancels currently running job and replaces it with a new one + enum: + - Allow + - Forbid + - Replace + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + fallback: + description: |- + Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration + as Kubernetes CronJob. + type: boolean + schedule: + description: |- + The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this + mechanism to work correctly. + type: string + startingDeadlineSeconds: + description: |- + Optional deadline in seconds for starting the job if it misses scheduled + time for any reason. Missed jobs executions will be counted as failed ones. + format: int64 + type: integer + timeZone: + description: The timezone that the CronJob will run on + type: string + type: object + dependencies: + description: The configuration of Dependencies trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + type: object + deployer: + description: The configuration of Deployer trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + kind: + description: Allows to explicitly select the desired deployment + kind between `deployment`, `cron-job` or `knative-service` + when creating the resources for running the integration. + enum: + - deployment + - cron-job + - knative-service + type: string + useSSA: + description: |- + Deprecated: won't be able to enforce client side update in the future. + Use server-side apply to update the owned resources (default `true`). + Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters. + type: boolean + type: object + deployment: + description: The configuration of Deployment trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + progressDeadlineSeconds: + description: |- + The maximum time in seconds for the deployment to make progress before it + is considered to be failed. It defaults to `60s`. + format: int32 + type: integer + rollingUpdateMaxSurge: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be scheduled above the desired number of + pods. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + This can not be 0 if MaxUnavailable is 0. + Absolute number is calculated from percentage by rounding up. + Defaults to `25%`. + x-kubernetes-int-or-string: true + rollingUpdateMaxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be unavailable during the update. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + Absolute number is calculated from percentage by rounding down. + This can not be 0 if MaxSurge is 0. + Defaults to `25%`. + x-kubernetes-int-or-string: true + strategy: + description: The deployment strategy to use to replace existing + pods with new ones. + enum: + - Recreate + - RollingUpdate + type: string + type: object + environment: + description: The configuration of Environment trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + containerMeta: + description: Enables injection of `NAMESPACE` and `POD_NAME` + environment variables (default `true`) + type: boolean + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + httpProxy: + description: Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and + `NO_PROXY` environment variables (default `true`) + type: boolean + vars: + description: |- + A list of environment variables to be added to the integration container. + The syntax is either VAR=VALUE or VAR=[configmap|secret]:name/key, where name represents the resource name, + and key represents the resource key to be mapped as and environment variable. + These take precedence over any previously defined environment variables. + items: + type: string + type: array + type: object + error-handler: + description: The configuration of Error Handler trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + ref: + description: The error handler ref name provided or found + in application properties + type: string + type: object + gc: + description: The configuration of GC trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + discoveryCache: + description: |- + Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`). + Deprecated: to be removed from trait configuration. + enum: + - disabled + - disk + - memory + type: string + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + type: object + health: + description: The configuration of Health trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + livenessFailureThreshold: + description: Minimum consecutive failures for the liveness + probe to be considered failed after having succeeded. + format: int32 + type: integer + livenessInitialDelay: + description: Number of seconds after the container has started + before the liveness probe is initiated. + format: int32 + type: integer + livenessPeriod: + description: How often to perform the liveness probe. + format: int32 + type: integer + livenessProbe: + description: The liveness probe path to use (default provided + by the Catalog runtime used). + type: string + livenessProbeEnabled: + description: Configures the liveness probe for the integration + container (default `false`). + type: boolean + livenessScheme: + description: Scheme to use when connecting to the liveness + probe (default `HTTP`). + type: string + livenessSuccessThreshold: + description: Minimum consecutive successes for the liveness + probe to be considered successful after having failed. + format: int32 + type: integer + livenessTimeout: + description: Number of seconds after which the liveness probe + times out. + format: int32 + type: integer + readinessFailureThreshold: + description: Minimum consecutive failures for the readiness + probe to be considered failed after having succeeded. + format: int32 + type: integer + readinessInitialDelay: + description: Number of seconds after the container has started + before the readiness probe is initiated. + format: int32 + type: integer + readinessPeriod: + description: How often to perform the readiness probe. + format: int32 + type: integer + readinessProbe: + description: The readiness probe path to use (default provided + by the Catalog runtime used). + type: string + readinessProbeEnabled: + description: Configures the readiness probe for the integration + container (default `true`). + type: boolean + readinessScheme: + description: Scheme to use when connecting to the readiness + probe (default `HTTP`). + type: string + readinessSuccessThreshold: + description: Minimum consecutive successes for the readiness + probe to be considered successful after having failed. + format: int32 + type: integer + readinessTimeout: + description: Number of seconds after which the readiness probe + times out. + format: int32 + type: integer + startupFailureThreshold: + description: Minimum consecutive failures for the startup + probe to be considered failed after having succeeded. + format: int32 + type: integer + startupInitialDelay: + description: Number of seconds after the container has started + before the startup probe is initiated. + format: int32 + type: integer + startupPeriod: + description: How often to perform the startup probe. + format: int32 + type: integer + startupProbe: + description: The startup probe path to use (default provided + by the Catalog runtime used). + type: string + startupProbeEnabled: + description: Configures the startup probe for the integration + container (default `false`). + type: boolean + startupScheme: + description: Scheme to use when connecting to the startup + probe (default `HTTP`). + type: string + startupSuccessThreshold: + description: Minimum consecutive successes for the startup + probe to be considered successful after having failed. + format: int32 + type: integer + startupTimeout: + description: Number of seconds after which the startup probe + times out. + format: int32 + type: integer + type: object + ingress: + description: The configuration of Ingress trait + properties: + annotations: + additionalProperties: + type: string + description: |- + The annotations added to the ingress. + This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller: + See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md + type: object + auto: + description: To automatically add an ingress whenever the + integration uses an HTTP endpoint consumer. + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + host: + description: To configure the host exposed by the ingress. + type: string + ingressClassName: + description: |- + The Ingress class name as defined by the Ingress spec + See https://kubernetes.io/docs/concepts/services-networking/ingress/ + type: string + path: + description: To configure the path exposed by the ingress + (default `/`). + type: string + pathType: + description: |- + To configure the path type exposed by the ingress. + One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`). + enum: + - Exact + - Prefix + - ImplementationSpecific + type: string + tlsHosts: + description: To configure tls hosts + items: + type: string + type: array + tlsSecretName: + description: To configure tls secret name + type: string + type: object + istio: + description: The configuration of Istio trait + properties: + allow: + description: Configures a (comma-separated) list of CIDR subnets + that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16` + by default). + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + inject: + description: Forces the value for labels `sidecar.istio.io/inject`. + By default the label is set to `true` on deployment and + not set on Knative Service. + type: boolean + type: object + jolokia: + description: The configuration of Jolokia trait + properties: + CACert: + description: |- + The PEM encoded CA certification file path, used to verify client certificates, + applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` + (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift). + type: string + clientPrincipal: + description: |- + The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint, + applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` + (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift). + items: + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + discoveryEnabled: + description: Listen for multicast requests (default `false`) + type: boolean + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + extendedClientCheck: + description: |- + Mandate the client certificate contains a client flag in the extended key usage section, + applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` + (default `true` for OpenShift). + type: boolean + host: + description: |- + The Host address to which the Jolokia agent should bind to. If `"\*"` or `"0.0.0.0"` is given, + the servers binds to every network interface (default `"*"`). + type: string + options: + description: |- + A list of additional Jolokia options as defined + in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options] + items: + type: string + type: array + password: + description: The password used for authentication, applicable + when the `user` option is set. + type: string + port: + description: The Jolokia endpoint port (default `8778`). + type: integer + protocol: + description: The protocol to use, either `http` or `https` + (default `https` for OpenShift) + type: string + useSSLClientAuthentication: + description: Whether client certificates should be used for + authentication (default `true` for OpenShift). + type: boolean + user: + description: The user to be used for authentication + type: string + type: object + jvm: + description: The configuration of JVM trait + properties: + classpath: + description: Additional JVM classpath (use `Linux` classpath + separator) + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + debug: + description: Activates remote debugging, so that a debugger + can be attached to the JVM, e.g., using port-forwarding + type: boolean + debugAddress: + description: Transport address at which to listen for the + newly launched JVM (default `*:5005`) + type: string + debugSuspend: + description: Suspends the target JVM immediately before the + main class is loaded + type: boolean + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + jar: + description: The Jar dependency which will run the application. + Leave it empty for managed Integrations. + type: string + options: + description: A list of JVM options + items: + type: string + type: array + printCommand: + description: |- + Prints the command used the start the JVM in the container logs (default `true`) + Deprecated: no longer in use. + type: boolean + type: object + kamelets: + description: The configuration of Kamelets trait + properties: + auto: + description: Automatically inject all referenced Kamelets + and their default configuration (enabled by default) + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + list: + description: Comma separated list of Kamelet names to load + into the current integration + type: string + mountPoint: + description: The directory where the application mounts and + reads Kamelet spec (default `/etc/camel/kamelets`) + type: string + type: object + keda: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + knative: + description: The configuration of Knative trait + properties: + auto: + description: Enable automatic discovery of all trait properties. + type: boolean + channelSinks: + description: |- + List of channels used as destination of integration routes. + Can contain simple channel names or full Camel URIs. + items: + type: string + type: array + channelSources: + description: |- + List of channels used as source of integration routes. + Can contain simple channel names or full Camel URIs. + items: + type: string + type: array + config: + description: Can be used to inject a Knative complete configuration + in JSON format. + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + endpointSinks: + description: |- + List of endpoints used as destination of integration routes. + Can contain simple endpoint names or full Camel URIs. + items: + type: string + type: array + endpointSources: + description: List of channels used as source of integration + routes. + items: + type: string + type: array + eventSinks: + description: |- + List of event types that the integration will produce. + Can contain simple event types or full Camel URIs (to use a specific broker). + items: + type: string + type: array + eventSources: + description: |- + List of event types that the integration will be subscribed to. + Can contain simple event types or full Camel URIs (to use a specific broker different from "default"). + items: + type: string + type: array + filterEventType: + description: |- + Enables the default filtering for the Knative trigger using the event type + If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true) + type: boolean + filterSourceChannels: + description: |- + Enables filtering on events based on the header "ce-knativehistory". Since this header has been removed in newer versions of + Knative, filtering is disabled by default. + type: boolean + filters: + description: |- + Sets filter attributes on the event stream (such as event type, source, subject and so on). + A list of key-value pairs that represent filter attributes and its values. + The syntax is KEY=VALUE, e.g., `source="my.source"`. + Filter attributes get set on the Knative trigger that is being created as part of this integration. + items: + type: string + type: array + namespaceLabel: + description: |- + Enables the camel-k-operator to set the "bindings.knative.dev/include=true" label to the namespace + As Knative requires this label to perform injection of K_SINK URL into the service. + If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true) + type: boolean + sinkBinding: + description: |- + Allows binding the integration to a sink via a Knative SinkBinding resource. + This can be used when the integration targets a single sink. + It's enabled by default when the integration targets a single sink + (except when the integration is owned by a Knative source). + type: boolean + type: object + knative-service: + description: The configuration of Knative Service trait + properties: + annotations: + additionalProperties: + type: string + description: |- + The annotations added to route. + This can be used to set knative service specific annotations + CLI usage example: -t "knative-service.annotations.'haproxy.router.openshift.io/balance'=true" + type: object + auto: + description: |- + Automatically deploy the integration as Knative service when all conditions hold: + + + * Integration is using the Knative profile + * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer) + type: boolean + autoscalingMetric: + description: |- + Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling). + + + Refer to the Knative documentation for more information. + type: string + autoscalingTarget: + description: |- + Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod. + + + Refer to the Knative documentation for more information. + type: integer + class: + description: |- + Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling). + + + Refer to the Knative documentation for more information. + enum: + - kpa.autoscaling.knative.dev + - hpa.autoscaling.knative.dev + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + maxScale: + description: |- + An upper bound for the number of Pods that can be running in parallel for the integration. + Knative has its own cap value that depends on the installation. + + + Refer to the Knative documentation for more information. + type: integer + minScale: + description: |- + The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that + the integration is scaled down to zero when not used for a configured amount of time. + + + Refer to the Knative documentation for more information. + type: integer + rolloutDuration: + description: |- + Enables to gradually shift traffic to the latest Revision and sets the rollout duration. + It's disabled by default and must be expressed as a Golang `time.Duration` string representation, + rounded to a second precision. + type: string + timeoutSeconds: + description: |- + The maximum duration in seconds that the request instance is allowed to respond to a request. + This field propagates to the integration pod's terminationGracePeriodSeconds + + + Refer to the Knative documentation for more information. + format: int64 + type: integer + visibility: + description: |- + Setting `cluster-local`, Knative service becomes a private service. + Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service. + + + Refer to the Knative documentation for more information. + enum: + - cluster-local + type: string + type: object + logging: + description: The configuration of Logging trait + properties: + color: + description: Colorize the log output + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + format: + description: Logs message format + type: string + json: + description: Output the logs in JSON + type: boolean + jsonPrettyPrint: + description: Enable "pretty printing" of the JSON logs + type: boolean + level: + description: Adjust the logging level (defaults to `INFO`) + enum: + - FATAL + - WARN + - INFO + - DEBUG + - TRACE + type: string + type: object + master: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + mount: + description: The configuration of Mount trait + properties: + configs: + description: |- + A list of configuration pointing to configmap/secret. + The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files. + They are also made available on the classpath in order to ease their usage directly from the Route. + Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered + items: + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + emptyDirs: + description: |- + A list of EmptyDir volumes to be mounted. An optional size limit may be configured (default 500Mi). + Syntax: name:/container/path[:sizeLimit] + items: + type: string + type: array + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + hotReload: + description: |- + Enable "hot reload" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be + marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for + changes in metadata. + type: boolean + resources: + description: |- + A list of resources (text or binary content) pointing to configmap/secret. + The resources are expected to be any resource type (text or binary content). + The destination path can be either a default location or any path specified by the user. + Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path + items: + type: string + type: array + scanKameletsImplicitLabelSecrets: + description: 'Deprecated: no longer available since version + 2.5.' + type: boolean + volumes: + description: |- + A list of Persistent Volume Claims to be mounted. Syntax: [pvcname:/container/path]. If the PVC is not found, the Integration fails. + You can use the syntax [pvcname:/container/path:size:accessMode<:storageClass>] to create a dynamic PVC based on the Storage Class provided + or the default cluster Storage Class. However, if the PVC exists, the operator would mount it. + items: + type: string + type: array + type: object + openapi: + description: The configuration of OpenAPI trait + properties: + configmaps: + description: The configmaps holding the spec of the OpenAPI + (compatible with > 3.0 spec only). + items: + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + type: object + owner: + description: The configuration of Owner trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + targetAnnotations: + description: The set of annotations to be transferred + items: + type: string + type: array + targetLabels: + description: The set of labels to be transferred + items: + type: string + type: array + type: object + pdb: + description: The configuration of PDB trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + maxUnavailable: + description: |- + The number of pods for the Integration that can be unavailable after an eviction. + It can be either an absolute number or a percentage (default `1` if `min-available` is also not set). + Only one of `max-unavailable` and `min-available` can be specified. + type: string + minAvailable: + description: |- + The number of pods for the Integration that must still be available after an eviction. + It can be either an absolute number or a percentage. + Only one of `min-available` and `max-unavailable` can be specified. + type: string + type: object + platform: + description: The configuration of Platform trait + properties: + auto: + description: |- + To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set). + Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + createDefault: + description: |- + To create a default (empty) platform when the platform is missing. + Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility + type: boolean + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + global: + description: |- + Indicates if the platform should be created globally in the case of global operator (default true). + Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility + type: boolean + type: object + pod: + description: The configuration of Pod trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + type: object + prometheus: + description: The configuration of Prometheus trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + podMonitor: + description: Whether a `PodMonitor` resource is created (default + `true`). + type: boolean + podMonitorLabels: + description: The `PodMonitor` resource labels, applicable + when `pod-monitor` is `true`. + items: + type: string + type: array + type: object + pull-secret: + description: The configuration of Pull Secret trait + properties: + auto: + description: Automatically configures the platform registry + secret on the pod if it is of type `kubernetes.io/dockerconfigjson`. + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + imagePullerDelegation: + description: When using a global operator with a shared platform, + this enables delegation of the `system:image-puller` cluster + role on the operator namespace to the integration service + account. + type: boolean + secretName: + description: The pull secret name to set on the Pod. If left + empty this is automatically taken from the `IntegrationPlatform` + registry configuration. + type: string + type: object + quarkus: + description: The configuration of Quarkus trait + properties: + buildMode: + description: |- + The Quarkus mode to run: either `jvm` or `native` (default `jvm`). + In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created, + with the `native` kit having precedence over the `jvm` one once ready. + items: + description: QuarkusMode is the type of Quarkus build packaging. + enum: + - jvm + - native + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + nativeBaseImage: + description: The base image to use when running a native build + (default `quay.io/quarkus/quarkus-micro-image:2.0`) + type: string + nativeBuilderImage: + description: The image containing the tooling required for + a native build (by default it will use the one provided + in the runtime catalog) + type: string + packageTypes: + description: |- + The Quarkus package types, `fast-jar` or `native` (default `fast-jar`). + In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created, + with the native kit having precedence over the `fast-jar` one once ready. + The order influences the resolution of the current kit for the integration. + The kit corresponding to the first package type will be assigned to the + integration in case no existing kit that matches the integration exists. + Deprecated: use `build-mode` instead. + items: + description: |- + QuarkusPackageType is the type of Quarkus build packaging. + Deprecated: use `QuarkusMode` instead. + enum: + - fast-jar + - native + type: string + type: array + type: object + registry: + description: |- + The configuration of Registry trait (support removed since version 2.5.0). + Deprecated: use jvm trait or read documentation. + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + type: object + route: + description: The configuration of Route trait + properties: + annotations: + additionalProperties: + type: string + description: |- + The annotations added to route. + This can be used to set route specific annotations + For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations + CLI usage example: -t "route.annotations.'haproxy.router.openshift.io/balance'=true" + type: object + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + host: + description: To configure the host exposed by the route. + type: string + tlsCACertificate: + description: |- + The TLS CA certificate contents. + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsCACertificateSecret: + description: |- + The secret name and key reference to the TLS CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/". + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsCertificate: + description: |- + The TLS certificate contents. + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsCertificateSecret: + description: |- + The secret name and key reference to the TLS certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/". + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsDestinationCACertificate: + description: |- + The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt + termination this file should be provided in order to have routers use it for health checks on the secure connection. + If this field is not specified, the router may provide its own destination CA and perform hostname validation using + the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically + verify. + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsDestinationCACertificateSecret: + description: |- + The secret name and key reference to the destination CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/". + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsInsecureEdgeTerminationPolicy: + description: |- + To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic. + + + Refer to the OpenShift route documentation for additional information. + enum: + - None + - Allow + - Redirect + type: string + tlsKey: + description: |- + The TLS certificate key contents. + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsKeySecret: + description: |- + The secret name and key reference to the TLS certificate key. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/". + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsTermination: + description: |- + The TLS termination type, like `edge`, `passthrough` or `reencrypt`. + + + Refer to the OpenShift route documentation for additional information. + enum: + - edge + - reencrypt + - passthrough + type: string + type: object + security-context: + description: The configuration of Security Context trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + runAsNonRoot: + description: Security Context RunAsNonRoot configuration (default + false). + type: boolean + runAsUser: + description: 'Security Context RunAsUser configuration (default + none): this value is automatically retrieved in Openshift + clusters when not explicitly set.' + format: int64 + type: integer + seccompProfileType: + description: Security Context SeccompProfileType configuration + (default RuntimeDefault). + enum: + - Unconfined + - RuntimeDefault + type: string + type: object + service: + description: The configuration of Service trait + properties: + annotations: + additionalProperties: + type: string + description: The annotations added to the Service object. + type: object + auto: + description: To automatically detect from the code if a Service + needs to be created. + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + labels: + additionalProperties: + type: string + description: The labels added to the Service object. + type: object + nodePort: + description: |- + Enable Service to be exposed as NodePort (default `false`). + Deprecated: Use service type instead. + type: boolean + type: + description: The type of service to be used, either 'ClusterIP', + 'NodePort' or 'LoadBalancer'. + enum: + - ClusterIP + - NodePort + - LoadBalancer + type: string + type: object + service-binding: + description: The configuration of Service Binding trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + services: + description: List of Services in the form [[apigroup/]version:]kind:[namespace/]name + items: + type: string + type: array + type: object + strimzi: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + telemetry: + description: The configuration of Telemetry trait + properties: + auto: + description: Enables automatic configuration of the trait, + including automatic discovery of the telemetry endpoint. + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + endpoint: + description: The target endpoint of the Telemetry service + (automatically discovered by default) + type: string + sampler: + description: The sampler of the telemetry used for tracing + (default "on") + type: string + sampler-parent-based: + description: The sampler of the telemetry used for tracing + is parent based (default "true") + type: boolean + sampler-ratio: + description: The sampler ratio of the telemetry used for tracing + type: string + serviceName: + description: The name of the service that publishes telemetry + data (defaults to the integration name) + type: string + type: object + toleration: + description: The configuration of Toleration trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. All + traits share this common property. + type: boolean + taints: + description: The list of taints to tolerate, in the form `Key[=Value]:Effect[:Seconds]` + items: + type: string + type: array + type: object + tracing: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + type: object + version: + description: the operator version + type: string + type: object + type: object + served: true + storage: true + subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/camel-k/2.5.0/manifests/kameletbindings.camel.apache.org.crd.yaml b/operators/camel-k/2.5.0/manifests/kameletbindings.camel.apache.org.crd.yaml new file mode 100644 index 00000000000..3dca5f0c6a8 --- /dev/null +++ b/operators/camel-k/2.5.0/manifests/kameletbindings.camel.apache.org.crd.yaml @@ -0,0 +1,8983 @@ +# --------------------------------------------------------------------------- +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# --------------------------------------------------------------------------- + +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + creationTimestamp: null + labels: + app: camel-k + name: kameletbindings.camel.apache.org +spec: + group: camel.apache.org + names: + categories: + - kamel + - camel + kind: KameletBinding + listKind: KameletBindingList + plural: kameletbindings + shortNames: + - klb + singular: kameletbinding + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The Kamelet Binding phase + jsonPath: .status.phase + name: Phase + type: string + - description: The number of pods + jsonPath: .status.replicas + name: Replicas + type: integer + deprecated: true + deprecationWarning: v1apha1.KameletBinding is deprecated, please, use v1.Pipe + instead + name: v1alpha1 + schema: + openAPIV3Schema: + description: KameletBinding is the Schema for the kamelets binding API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: the specification of a KameletBinding + properties: + errorHandler: + description: ErrorHandler is an optional handler called upon an error + occurring in the integration + type: object + x-kubernetes-preserve-unknown-fields: true + integration: + description: Integration is an optional integration used to specify + custom parameters + properties: + configuration: + description: |- + Deprecated: + Use camel trait (camel.properties) to manage properties + Use mount trait (mount.configs) to manage configs + Use mount trait (mount.resources) to manage resources + Use mount trait (mount.volumes) to manage volumes + items: + description: ConfigurationSpec represents a generic configuration + specification. + properties: + type: + description: 'represents the type of configuration, ie: + property, configmap, secret, ...' + type: string + value: + description: the value to assign to the configuration (syntax + may vary depending on the `Type`) + type: string + required: + - type + - value + type: object + type: array + dependencies: + description: the list of Camel or Maven dependencies required + by the Integration + items: + type: string + type: array + flows: + description: a source in YAML DSL language which contain the routes + to run + items: + description: Flow is an unstructured object representing a Camel + Flow in YAML/JSON DSL. + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + integrationKit: + description: the reference of the `IntegrationKit` which is used + for this Integration + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + profile: + description: the profile needed to run this Integration + type: string + replicas: + description: the number of `Pods` needed for the running Integration + format: int32 + type: integer + repositories: + description: additional Maven repositories to be used + items: + type: string + type: array + serviceAccountName: + description: custom SA to use for the Integration + type: string + sources: + description: the sources which contain the Camel routes to run + items: + description: SourceSpec defines the configuration for one or + more routes to be executed in a certain Camel DSL language. + properties: + compression: + description: if the content is compressed (base64 encrypted) + type: boolean + content: + description: the source code (plain text) + type: string + contentKey: + description: the confimap key holding the source content + type: string + contentRef: + description: the confimap reference holding the source content + type: string + contentType: + description: the content type (tipically text or binary) + type: string + from-kamelet: + description: True if the spec is generated from a Kamelet + type: boolean + interceptors: + description: |- + Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader + uses to pre/post process sources + Deprecated: no longer in use. + items: + type: string + type: array + language: + description: specify which is the language (Camel DSL) used + to interpret this source code + type: string + loader: + description: |- + Loader is an optional id of the org.apache.camel.k.RoutesLoader that will + interpret this source at runtime + type: string + name: + description: the name of the specification + type: string + path: + description: the path where the file is stored + type: string + property-names: + description: List of property names defined in the source + (e.g. if type is "template") + items: + type: string + type: array + rawContent: + description: the source code (binary) + format: byte + type: string + type: + description: Type defines the kind of source described by + this object + type: string + type: object + type: array + template: + description: Pod template customization + properties: + spec: + description: the specification + properties: + activeDeadlineSeconds: + description: ActiveDeadlineSeconds + format: int64 + type: integer + automountServiceAccountToken: + description: AutomountServiceAccountToken + type: boolean + containers: + description: Containers + items: + description: A single application container that you + want to run within a pod. + properties: + args: + description: |- + Arguments to the entrypoint. + The container image's CMD is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + items: + type: string + type: array + command: + description: |- + Entrypoint array. Not executed within a shell. + The container image's ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + items: + type: string + type: array + env: + description: |- + List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment + variable present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to + select in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to + select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret + in the pod's namespace + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: |- + List of sources to populate environment variables in the container. + The keys defined within a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will take precedence. + Cannot be updated. + items: + description: EnvFromSource represents the source + of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend + to each key in the ConfigMap. Must be a + C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: |- + Container image name. + More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management to default or override + container images in workload controllers like Deployments and StatefulSets. + type: string + imagePullPolicy: + description: |- + Image pull policy. + One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images + type: string + lifecycle: + description: |- + Actions that the management system should take in response to container lifecycle events. + Cannot be updated. + properties: + postStart: + description: |- + PostStart is called immediately after a container is created. If the handler fails, + the container is terminated and restarted according to its restart policy. + Other management of the container blocks until the hook completes. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + properties: + exec: + description: Exec specifies the action to + take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http + request to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + sleep: + description: Sleep represents the duration + that the container should sleep before + being terminated. + properties: + seconds: + description: Seconds is the number of + seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to + connect to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: |- + PreStop is called immediately before a container is terminated due to an + API request or management event such as liveness/startup probe failure, + preemption, resource contention, etc. The handler is not called if the + container crashes or exits. The Pod's termination grace period countdown begins before the + PreStop hook is executed. Regardless of the outcome of the handler, the + container will eventually terminate within the Pod's termination grace + period (unless delayed by finalizers). Other management of the container blocks until the hook completes + or until the termination grace period is reached. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + properties: + exec: + description: Exec specifies the action to + take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http + request to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + sleep: + description: Sleep represents the duration + that the container should sleep before + being terminated. + properties: + seconds: + description: Seconds is the number of + seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to + connect to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: |- + Periodic probe of container liveness. + Container will be restarted if the probe fails. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object + name: + description: |- + Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: |- + List of ports to expose from the container. Not specifying a port here + DOES NOT prevent that port from being exposed. Any port which is + listening on the default "0.0.0.0" address inside a container will be + accessible from the network. + Modifying this array with strategic merge patch may corrupt the data. + For more information See https://github.com/kubernetes/kubernetes/issues/108255. + Cannot be updated. + items: + description: ContainerPort represents a network + port in a single container. + properties: + containerPort: + description: |- + Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external + port to. + type: string + hostPort: + description: |- + Number of port to expose on the host. + If specified, this must be a valid port number, 0 < x < 65536. + If HostNetwork is specified, this must match ContainerPort. + Most containers do not need this. + format: int32 + type: integer + name: + description: |- + If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + named port in a pod must have a unique name. Name for the port that can be + referred to by services. + type: string + protocol: + default: TCP + description: |- + Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: |- + Periodic probe of container service readiness. + Container will be removed from service endpoints if the probe fails. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object + resizePolicy: + description: Resources resize policy for the container. + items: + description: ContainerResizePolicy represents + resource resize policy for the container. + properties: + resourceName: + description: |- + Name of the resource to which this resource resize policy applies. + Supported values: cpu, memory. + type: string + restartPolicy: + description: |- + Restart policy to apply when specified resource is resized. + If not specified, it defaults to NotRequired. + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + description: |- + Compute Resources required by this container. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one + entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + restartPolicy: + description: |- + RestartPolicy defines the restart behavior of individual containers in a pod. + This field may only be set for init containers, and the only allowed value is "Always". + For non-init containers or when this field is not specified, + the restart behavior is defined by the Pod's restart policy and the container type. + Setting the RestartPolicy as "Always" for the init container will have the following effect: + this init container will be continually restarted on + exit until all regular containers have terminated. Once all regular + containers have completed, all init containers with restartPolicy "Always" + will be shut down. This lifecycle differs from normal init containers and + is often referred to as a "sidecar" container. Although this init + container still starts in the init container sequence, it does not wait + for the container to complete before proceeding to the next init + container. Instead, the next init container starts immediately after this + init container is started, or after any startupProbe has successfully + completed. + type: string + securityContext: + description: |- + SecurityContext defines the security options the container should be run with. + If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + properties: + allowPrivilegeEscalation: + description: |- + AllowPrivilegeEscalation controls whether a process can gain more + privileges than its parent process. This bool directly controls if + the no_new_privs flag will be set on the container process. + AllowPrivilegeEscalation is true always when the container is: + 1) run as Privileged + 2) has CAP_SYS_ADMIN + Note that this field cannot be set when spec.os.name is windows. + type: boolean + capabilities: + description: |- + The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by the container runtime. + Note that this field cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX + capabilities type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX + capabilities type + type: string + type: array + type: object + privileged: + description: |- + Run container in privileged mode. + Processes in privileged containers are essentially equivalent to root on the host. + Defaults to false. + Note that this field cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: |- + procMount denotes the type of proc mount to use for the containers. + The default is DefaultProcMount which uses the container runtime defaults for + readonly paths and masked paths. + This requires the ProcMountType feature flag to be enabled. + Note that this field cannot be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: |- + Whether this container has a read-only root filesystem. + Default is false. + Note that this field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: |- + The GID to run the entrypoint of the container process. + Uses runtime default if unset. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: |- + Indicates that the container must run as a non-root user. + If true, the Kubelet will validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start the container if it does. + If unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: |- + The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: |- + The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level label + that applies to the container. + type: string + role: + description: Role is a SELinux role label + that applies to the container. + type: string + type: + description: Type is a SELinux type label + that applies to the container. + type: string + user: + description: User is a SELinux user label + that applies to the container. + type: string + type: object + seccompProfile: + description: |- + The seccomp options to use by this container. If seccomp options are + provided at both the pod & container level, the container options + override the pod options. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile defined in a file on the node should be used. + The profile must be preconfigured on the node to work. + Must be a descending path, relative to the kubelet's configured seccomp profile location. + Must be set if type is "Localhost". Must NOT be set for any other type. + type: string + type: + description: |- + type indicates which kind of seccomp profile will be applied. + Valid options are: + + + Localhost - a profile defined in a file on the node should be used. + RuntimeDefault - the container runtime default profile should be used. + Unconfined - no profile should be applied. + type: string + required: + - type + type: object + windowsOptions: + description: |- + The Windows specific settings applied to all containers. + If unspecified, the options from the PodSecurityContext will be used. + If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: |- + GMSACredentialSpec is where the GMSA admission webhook + (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + GMSA credential spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the + name of the GMSA credential spec to use. + type: string + hostProcess: + description: |- + HostProcess determines if a container should be run as a 'Host Process' container. + All of a Pod's containers must have the same effective HostProcess value + (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + In addition, if HostProcess is true then HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: |- + The UserName in Windows to run the entrypoint of the container process. + Defaults to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + type: string + type: object + type: object + startupProbe: + description: |- + StartupProbe indicates that the Pod has successfully initialized. + If specified, no other probes are executed until this completes successfully. + If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + when it might take a long time to load data or warm a cache, than during steady-state operation. + This cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object + stdin: + description: |- + Whether this container should allocate a buffer for stdin in the container runtime. If this + is not set, reads from stdin in the container will always result in EOF. + Default is false. + type: boolean + stdinOnce: + description: |- + Whether the container runtime should close the stdin channel after it has been opened by + a single attach. When stdin is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + first client attaches to stdin, and then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container is restarted. If this + flag is false, a container processes that reads from stdin will never receive an EOF. + Default is false + type: boolean + terminationMessagePath: + description: |- + Optional: Path at which the file to which the container's termination message + will be written is mounted into the container's filesystem. + Message written is intended to be brief final status, such as an assertion failure message. + Will be truncated by the node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. + Defaults to /dev/termination-log. + Cannot be updated. + type: string + terminationMessagePolicy: + description: |- + Indicate how the termination message should be populated. File will use the contents of + terminationMessagePath to populate the container status message on both success and failure. + FallbackToLogsOnError will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + Defaults to File. + Cannot be updated. + type: string + tty: + description: |- + Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block + devices to be used by the container. + items: + description: volumeDevice describes a mapping + of a raw block device within a container. + properties: + devicePath: + description: devicePath is the path inside + of the container that the device will be + mapped to. + type: string + name: + description: name must match the name of a + persistentVolumeClaim in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: |- + Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting + of a Volume within a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + type: string + name: + description: This must match the Name of a + Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: |- + Container's working directory. + If not specified, the container runtime's default will be used, which + might be configured in the container image. + Cannot be updated. + type: string + required: + - name + type: object + type: array + dnsPolicy: + description: DNSPolicy + type: string + ephemeralContainers: + description: EphemeralContainers + items: + description: |- + An EphemeralContainer is a temporary container that you may add to an existing Pod for + user-initiated activities such as debugging. Ephemeral containers have no resource or + scheduling guarantees, and they will not be restarted when they exit or when a Pod is + removed or restarted. The kubelet may evict a Pod if an ephemeral container causes the + Pod to exceed its resource allocation. + + + To add an ephemeral container, use the ephemeralcontainers subresource of an existing + Pod. Ephemeral containers may not be removed or restarted. + properties: + args: + description: |- + Arguments to the entrypoint. + The image's CMD is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + items: + type: string + type: array + command: + description: |- + Entrypoint array. Not executed within a shell. + The image's ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + items: + type: string + type: array + env: + description: |- + List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment + variable present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to + select in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to + select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret + in the pod's namespace + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: |- + List of sources to populate environment variables in the container. + The keys defined within a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will take precedence. + Cannot be updated. + items: + description: EnvFromSource represents the source + of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend + to each key in the ConfigMap. Must be a + C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: |- + Container image name. + More info: https://kubernetes.io/docs/concepts/containers/images + type: string + imagePullPolicy: + description: |- + Image pull policy. + One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images + type: string + lifecycle: + description: Lifecycle is not allowed for ephemeral + containers. + properties: + postStart: + description: |- + PostStart is called immediately after a container is created. If the handler fails, + the container is terminated and restarted according to its restart policy. + Other management of the container blocks until the hook completes. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + properties: + exec: + description: Exec specifies the action to + take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http + request to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + sleep: + description: Sleep represents the duration + that the container should sleep before + being terminated. + properties: + seconds: + description: Seconds is the number of + seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to + connect to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: |- + PreStop is called immediately before a container is terminated due to an + API request or management event such as liveness/startup probe failure, + preemption, resource contention, etc. The handler is not called if the + container crashes or exits. The Pod's termination grace period countdown begins before the + PreStop hook is executed. Regardless of the outcome of the handler, the + container will eventually terminate within the Pod's termination grace + period (unless delayed by finalizers). Other management of the container blocks until the hook completes + or until the termination grace period is reached. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + properties: + exec: + description: Exec specifies the action to + take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http + request to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + sleep: + description: Sleep represents the duration + that the container should sleep before + being terminated. + properties: + seconds: + description: Seconds is the number of + seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to + connect to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: Probes are not allowed for ephemeral + containers. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object + name: + description: |- + Name of the ephemeral container specified as a DNS_LABEL. + This name must be unique among all containers, init containers and ephemeral containers. + type: string + ports: + description: Ports are not allowed for ephemeral + containers. + items: + description: ContainerPort represents a network + port in a single container. + properties: + containerPort: + description: |- + Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external + port to. + type: string + hostPort: + description: |- + Number of port to expose on the host. + If specified, this must be a valid port number, 0 < x < 65536. + If HostNetwork is specified, this must match ContainerPort. + Most containers do not need this. + format: int32 + type: integer + name: + description: |- + If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + named port in a pod must have a unique name. Name for the port that can be + referred to by services. + type: string + protocol: + default: TCP + description: |- + Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: Probes are not allowed for ephemeral + containers. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object + resizePolicy: + description: Resources resize policy for the container. + items: + description: ContainerResizePolicy represents + resource resize policy for the container. + properties: + resourceName: + description: |- + Name of the resource to which this resource resize policy applies. + Supported values: cpu, memory. + type: string + restartPolicy: + description: |- + Restart policy to apply when specified resource is resized. + If not specified, it defaults to NotRequired. + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + description: |- + Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources + already allocated to the pod. + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one + entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + restartPolicy: + description: |- + Restart policy for the container to manage the restart behavior of each + container within a pod. + This may only be set for init containers. You cannot set this field on + ephemeral containers. + type: string + securityContext: + description: |- + Optional: SecurityContext defines the security options the ephemeral container should be run with. + If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + properties: + allowPrivilegeEscalation: + description: |- + AllowPrivilegeEscalation controls whether a process can gain more + privileges than its parent process. This bool directly controls if + the no_new_privs flag will be set on the container process. + AllowPrivilegeEscalation is true always when the container is: + 1) run as Privileged + 2) has CAP_SYS_ADMIN + Note that this field cannot be set when spec.os.name is windows. + type: boolean + capabilities: + description: |- + The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by the container runtime. + Note that this field cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX + capabilities type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX + capabilities type + type: string + type: array + type: object + privileged: + description: |- + Run container in privileged mode. + Processes in privileged containers are essentially equivalent to root on the host. + Defaults to false. + Note that this field cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: |- + procMount denotes the type of proc mount to use for the containers. + The default is DefaultProcMount which uses the container runtime defaults for + readonly paths and masked paths. + This requires the ProcMountType feature flag to be enabled. + Note that this field cannot be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: |- + Whether this container has a read-only root filesystem. + Default is false. + Note that this field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: |- + The GID to run the entrypoint of the container process. + Uses runtime default if unset. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: |- + Indicates that the container must run as a non-root user. + If true, the Kubelet will validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start the container if it does. + If unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: |- + The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: |- + The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level label + that applies to the container. + type: string + role: + description: Role is a SELinux role label + that applies to the container. + type: string + type: + description: Type is a SELinux type label + that applies to the container. + type: string + user: + description: User is a SELinux user label + that applies to the container. + type: string + type: object + seccompProfile: + description: |- + The seccomp options to use by this container. If seccomp options are + provided at both the pod & container level, the container options + override the pod options. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile defined in a file on the node should be used. + The profile must be preconfigured on the node to work. + Must be a descending path, relative to the kubelet's configured seccomp profile location. + Must be set if type is "Localhost". Must NOT be set for any other type. + type: string + type: + description: |- + type indicates which kind of seccomp profile will be applied. + Valid options are: + + + Localhost - a profile defined in a file on the node should be used. + RuntimeDefault - the container runtime default profile should be used. + Unconfined - no profile should be applied. + type: string + required: + - type + type: object + windowsOptions: + description: |- + The Windows specific settings applied to all containers. + If unspecified, the options from the PodSecurityContext will be used. + If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: |- + GMSACredentialSpec is where the GMSA admission webhook + (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + GMSA credential spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the + name of the GMSA credential spec to use. + type: string + hostProcess: + description: |- + HostProcess determines if a container should be run as a 'Host Process' container. + All of a Pod's containers must have the same effective HostProcess value + (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + In addition, if HostProcess is true then HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: |- + The UserName in Windows to run the entrypoint of the container process. + Defaults to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + type: string + type: object + type: object + startupProbe: + description: Probes are not allowed for ephemeral + containers. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object + stdin: + description: |- + Whether this container should allocate a buffer for stdin in the container runtime. If this + is not set, reads from stdin in the container will always result in EOF. + Default is false. + type: boolean + stdinOnce: + description: |- + Whether the container runtime should close the stdin channel after it has been opened by + a single attach. When stdin is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + first client attaches to stdin, and then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container is restarted. If this + flag is false, a container processes that reads from stdin will never receive an EOF. + Default is false + type: boolean + targetContainerName: + description: |- + If set, the name of the container from PodSpec that this ephemeral container targets. + The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container. + If not set then the ephemeral container uses the namespaces configured in the Pod spec. + + + The container runtime must implement support for this feature. If the runtime does not + support namespace targeting then the result of setting this field is undefined. + type: string + terminationMessagePath: + description: |- + Optional: Path at which the file to which the container's termination message + will be written is mounted into the container's filesystem. + Message written is intended to be brief final status, such as an assertion failure message. + Will be truncated by the node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. + Defaults to /dev/termination-log. + Cannot be updated. + type: string + terminationMessagePolicy: + description: |- + Indicate how the termination message should be populated. File will use the contents of + terminationMessagePath to populate the container status message on both success and failure. + FallbackToLogsOnError will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + Defaults to File. + Cannot be updated. + type: string + tty: + description: |- + Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block + devices to be used by the container. + items: + description: volumeDevice describes a mapping + of a raw block device within a container. + properties: + devicePath: + description: devicePath is the path inside + of the container that the device will be + mapped to. + type: string + name: + description: name must match the name of a + persistentVolumeClaim in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: |- + Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers. + Cannot be updated. + items: + description: VolumeMount describes a mounting + of a Volume within a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + type: string + name: + description: This must match the Name of a + Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: |- + Container's working directory. + If not specified, the container runtime's default will be used, which + might be configured in the container image. + Cannot be updated. + type: string + required: + - name + type: object + type: array + initContainers: + description: InitContainers + items: + description: A single application container that you + want to run within a pod. + properties: + args: + description: |- + Arguments to the entrypoint. + The container image's CMD is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + items: + type: string + type: array + command: + description: |- + Entrypoint array. Not executed within a shell. + The container image's ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + items: + type: string + type: array + env: + description: |- + List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment + variable present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to + select in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to + select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret + in the pod's namespace + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: |- + List of sources to populate environment variables in the container. + The keys defined within a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will take precedence. + Cannot be updated. + items: + description: EnvFromSource represents the source + of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend + to each key in the ConfigMap. Must be a + C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: |- + Container image name. + More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management to default or override + container images in workload controllers like Deployments and StatefulSets. + type: string + imagePullPolicy: + description: |- + Image pull policy. + One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images + type: string + lifecycle: + description: |- + Actions that the management system should take in response to container lifecycle events. + Cannot be updated. + properties: + postStart: + description: |- + PostStart is called immediately after a container is created. If the handler fails, + the container is terminated and restarted according to its restart policy. + Other management of the container blocks until the hook completes. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + properties: + exec: + description: Exec specifies the action to + take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http + request to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + sleep: + description: Sleep represents the duration + that the container should sleep before + being terminated. + properties: + seconds: + description: Seconds is the number of + seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to + connect to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: |- + PreStop is called immediately before a container is terminated due to an + API request or management event such as liveness/startup probe failure, + preemption, resource contention, etc. The handler is not called if the + container crashes or exits. The Pod's termination grace period countdown begins before the + PreStop hook is executed. Regardless of the outcome of the handler, the + container will eventually terminate within the Pod's termination grace + period (unless delayed by finalizers). Other management of the container blocks until the hook completes + or until the termination grace period is reached. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + properties: + exec: + description: Exec specifies the action to + take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http + request to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + sleep: + description: Sleep represents the duration + that the container should sleep before + being terminated. + properties: + seconds: + description: Seconds is the number of + seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to + connect to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: |- + Periodic probe of container liveness. + Container will be restarted if the probe fails. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object + name: + description: |- + Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: |- + List of ports to expose from the container. Not specifying a port here + DOES NOT prevent that port from being exposed. Any port which is + listening on the default "0.0.0.0" address inside a container will be + accessible from the network. + Modifying this array with strategic merge patch may corrupt the data. + For more information See https://github.com/kubernetes/kubernetes/issues/108255. + Cannot be updated. + items: + description: ContainerPort represents a network + port in a single container. + properties: + containerPort: + description: |- + Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external + port to. + type: string + hostPort: + description: |- + Number of port to expose on the host. + If specified, this must be a valid port number, 0 < x < 65536. + If HostNetwork is specified, this must match ContainerPort. + Most containers do not need this. + format: int32 + type: integer + name: + description: |- + If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + named port in a pod must have a unique name. Name for the port that can be + referred to by services. + type: string + protocol: + default: TCP + description: |- + Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: |- + Periodic probe of container service readiness. + Container will be removed from service endpoints if the probe fails. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object + resizePolicy: + description: Resources resize policy for the container. + items: + description: ContainerResizePolicy represents + resource resize policy for the container. + properties: + resourceName: + description: |- + Name of the resource to which this resource resize policy applies. + Supported values: cpu, memory. + type: string + restartPolicy: + description: |- + Restart policy to apply when specified resource is resized. + If not specified, it defaults to NotRequired. + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + description: |- + Compute Resources required by this container. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one + entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + restartPolicy: + description: |- + RestartPolicy defines the restart behavior of individual containers in a pod. + This field may only be set for init containers, and the only allowed value is "Always". + For non-init containers or when this field is not specified, + the restart behavior is defined by the Pod's restart policy and the container type. + Setting the RestartPolicy as "Always" for the init container will have the following effect: + this init container will be continually restarted on + exit until all regular containers have terminated. Once all regular + containers have completed, all init containers with restartPolicy "Always" + will be shut down. This lifecycle differs from normal init containers and + is often referred to as a "sidecar" container. Although this init + container still starts in the init container sequence, it does not wait + for the container to complete before proceeding to the next init + container. Instead, the next init container starts immediately after this + init container is started, or after any startupProbe has successfully + completed. + type: string + securityContext: + description: |- + SecurityContext defines the security options the container should be run with. + If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + properties: + allowPrivilegeEscalation: + description: |- + AllowPrivilegeEscalation controls whether a process can gain more + privileges than its parent process. This bool directly controls if + the no_new_privs flag will be set on the container process. + AllowPrivilegeEscalation is true always when the container is: + 1) run as Privileged + 2) has CAP_SYS_ADMIN + Note that this field cannot be set when spec.os.name is windows. + type: boolean + capabilities: + description: |- + The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by the container runtime. + Note that this field cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX + capabilities type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX + capabilities type + type: string + type: array + type: object + privileged: + description: |- + Run container in privileged mode. + Processes in privileged containers are essentially equivalent to root on the host. + Defaults to false. + Note that this field cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: |- + procMount denotes the type of proc mount to use for the containers. + The default is DefaultProcMount which uses the container runtime defaults for + readonly paths and masked paths. + This requires the ProcMountType feature flag to be enabled. + Note that this field cannot be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: |- + Whether this container has a read-only root filesystem. + Default is false. + Note that this field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: |- + The GID to run the entrypoint of the container process. + Uses runtime default if unset. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: |- + Indicates that the container must run as a non-root user. + If true, the Kubelet will validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start the container if it does. + If unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: |- + The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: |- + The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level label + that applies to the container. + type: string + role: + description: Role is a SELinux role label + that applies to the container. + type: string + type: + description: Type is a SELinux type label + that applies to the container. + type: string + user: + description: User is a SELinux user label + that applies to the container. + type: string + type: object + seccompProfile: + description: |- + The seccomp options to use by this container. If seccomp options are + provided at both the pod & container level, the container options + override the pod options. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile defined in a file on the node should be used. + The profile must be preconfigured on the node to work. + Must be a descending path, relative to the kubelet's configured seccomp profile location. + Must be set if type is "Localhost". Must NOT be set for any other type. + type: string + type: + description: |- + type indicates which kind of seccomp profile will be applied. + Valid options are: + + + Localhost - a profile defined in a file on the node should be used. + RuntimeDefault - the container runtime default profile should be used. + Unconfined - no profile should be applied. + type: string + required: + - type + type: object + windowsOptions: + description: |- + The Windows specific settings applied to all containers. + If unspecified, the options from the PodSecurityContext will be used. + If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: |- + GMSACredentialSpec is where the GMSA admission webhook + (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + GMSA credential spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the + name of the GMSA credential spec to use. + type: string + hostProcess: + description: |- + HostProcess determines if a container should be run as a 'Host Process' container. + All of a Pod's containers must have the same effective HostProcess value + (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + In addition, if HostProcess is true then HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: |- + The UserName in Windows to run the entrypoint of the container process. + Defaults to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + type: string + type: object + type: object + startupProbe: + description: |- + StartupProbe indicates that the Pod has successfully initialized. + If specified, no other probes are executed until this completes successfully. + If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + when it might take a long time to load data or warm a cache, than during steady-state operation. + This cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object + stdin: + description: |- + Whether this container should allocate a buffer for stdin in the container runtime. If this + is not set, reads from stdin in the container will always result in EOF. + Default is false. + type: boolean + stdinOnce: + description: |- + Whether the container runtime should close the stdin channel after it has been opened by + a single attach. When stdin is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + first client attaches to stdin, and then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container is restarted. If this + flag is false, a container processes that reads from stdin will never receive an EOF. + Default is false + type: boolean + terminationMessagePath: + description: |- + Optional: Path at which the file to which the container's termination message + will be written is mounted into the container's filesystem. + Message written is intended to be brief final status, such as an assertion failure message. + Will be truncated by the node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. + Defaults to /dev/termination-log. + Cannot be updated. + type: string + terminationMessagePolicy: + description: |- + Indicate how the termination message should be populated. File will use the contents of + terminationMessagePath to populate the container status message on both success and failure. + FallbackToLogsOnError will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + Defaults to File. + Cannot be updated. + type: string + tty: + description: |- + Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block + devices to be used by the container. + items: + description: volumeDevice describes a mapping + of a raw block device within a container. + properties: + devicePath: + description: devicePath is the path inside + of the container that the device will be + mapped to. + type: string + name: + description: name must match the name of a + persistentVolumeClaim in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: |- + Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting + of a Volume within a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + type: string + name: + description: This must match the Name of a + Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: |- + Container's working directory. + If not specified, the container runtime's default will be used, which + might be configured in the container image. + Cannot be updated. + type: string + required: + - name + type: object + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector + type: object + restartPolicy: + description: RestartPolicy + type: string + securityContext: + description: PodSecurityContext + properties: + fsGroup: + description: |- + A special supplemental group that applies to all containers in a pod. + Some volume types allow the Kubelet to change the ownership of that volume + to be owned by the pod: + + + 1. The owning GID will be the FSGroup + 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + 3. The permission bits are OR'd with rw-rw---- + + + If unset, the Kubelet will not modify the ownership and permissions of any volume. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + fsGroupChangePolicy: + description: |- + fsGroupChangePolicy defines behavior of changing ownership and permission of the volume + before being exposed inside Pod. This field will only apply to + volume types which support fsGroup based ownership(and permissions). + It will have no effect on ephemeral volume types such as: secret, configmaps + and emptydir. + Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. + Note that this field cannot be set when spec.os.name is windows. + type: string + runAsGroup: + description: |- + The GID to run the entrypoint of the container process. + Uses runtime default if unset. + May also be set in SecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence + for that container. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: |- + Indicates that the container must run as a non-root user. + If true, the Kubelet will validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start the container if it does. + If unset or false, no such validation will be performed. + May also be set in SecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: |- + The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. + May also be set in SecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence + for that container. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: |- + The SELinux context to be applied to all containers. + If unspecified, the container runtime will allocate a random SELinux context for each + container. May also be set in SecurityContext. If set in + both SecurityContext and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + Note that this field cannot be set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that + applies to the container. + type: string + role: + description: Role is a SELinux role label that + applies to the container. + type: string + type: + description: Type is a SELinux type label that + applies to the container. + type: string + user: + description: User is a SELinux user label that + applies to the container. + type: string + type: object + seccompProfile: + description: |- + The seccomp options to use by the containers in this pod. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile defined in a file on the node should be used. + The profile must be preconfigured on the node to work. + Must be a descending path, relative to the kubelet's configured seccomp profile location. + Must be set if type is "Localhost". Must NOT be set for any other type. + type: string + type: + description: |- + type indicates which kind of seccomp profile will be applied. + Valid options are: + + + Localhost - a profile defined in a file on the node should be used. + RuntimeDefault - the container runtime default profile should be used. + Unconfined - no profile should be applied. + type: string + required: + - type + type: object + supplementalGroups: + description: |- + A list of groups applied to the first process run in each container, in addition + to the container's primary GID, the fsGroup (if specified), and group memberships + defined in the container image for the uid of the container process. If unspecified, + no additional groups are added to any container. Note that group memberships + defined in the container image for the uid of the container process are still effective, + even if they are not included in this list. + Note that this field cannot be set when spec.os.name is windows. + items: + format: int64 + type: integer + type: array + sysctls: + description: |- + Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported + sysctls (by the container runtime) might fail to launch. + Note that this field cannot be set when spec.os.name is windows. + items: + description: Sysctl defines a kernel parameter to + be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: object + type: array + windowsOptions: + description: |- + The Windows specific settings applied to all containers. + If unspecified, the options within a container's SecurityContext will be used. + If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: |- + GMSACredentialSpec is where the GMSA admission webhook + (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + GMSA credential spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name + of the GMSA credential spec to use. + type: string + hostProcess: + description: |- + HostProcess determines if a container should be run as a 'Host Process' container. + All of a Pod's containers must have the same effective HostProcess value + (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + In addition, if HostProcess is true then HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: |- + The UserName in Windows to run the entrypoint of the container process. + Defaults to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + type: string + type: object + type: object + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds + format: int64 + type: integer + topologySpreadConstraints: + description: TopologySpreadConstraints + items: + description: TopologySpreadConstraint specifies how + to spread matching pods among the given topology. + properties: + labelSelector: + description: |- + LabelSelector is used to find matching pods. + Pods that match this label selector are counted to determine the number of pods + in their corresponding topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: |- + MatchLabelKeys is a set of pod label keys to select the pods over which + spreading will be calculated. The keys are used to lookup values from the + incoming pod labels, those key-value labels are ANDed with labelSelector + to select the group of existing pods over which spreading will be calculated + for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + MatchLabelKeys cannot be set when LabelSelector isn't set. + Keys that don't exist in the incoming pod labels will + be ignored. A null or empty list means only match against labelSelector. + + + This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + description: |- + MaxSkew describes the degree to which pods may be unevenly distributed. + When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + between the number of matching pods in the target topology and the global minimum. + The global minimum is the minimum number of matching pods in an eligible domain + or zero if the number of eligible domains is less than MinDomains. + For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + labelSelector spread as 2/2/1: + In this case, the global minimum is 1. + | zone1 | zone2 | zone3 | + | P P | P P | P | + - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + violate MaxSkew(1). + - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + to topologies that satisfy it. + It's a required field. Default value is 1 and 0 is not allowed. + format: int32 + type: integer + minDomains: + description: |- + MinDomains indicates a minimum number of eligible domains. + When the number of eligible domains with matching topology keys is less than minDomains, + Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + And when the number of eligible domains with matching topology keys equals or greater than minDomains, + this value has no effect on scheduling. + As a result, when the number of eligible domains is less than minDomains, + scheduler won't schedule more than maxSkew Pods to those domains. + If value is nil, the constraint behaves as if MinDomains is equal to 1. + Valid values are integers greater than 0. + When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + + + For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + labelSelector spread as 2/2/2: + | zone1 | zone2 | zone3 | + | P P | P P | P P | + The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + In this situation, new pod with the same labelSelector cannot be scheduled, + because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + it will violate MaxSkew. + + + This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). + format: int32 + type: integer + nodeAffinityPolicy: + description: |- + NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + when calculating pod topology spread skew. Options are: + - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + + + If this value is nil, the behavior is equivalent to the Honor policy. + This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + type: string + nodeTaintsPolicy: + description: |- + NodeTaintsPolicy indicates how we will treat node taints when calculating + pod topology spread skew. Options are: + - Honor: nodes without taints, along with tainted nodes for which the incoming pod + has a toleration, are included. + - Ignore: node taints are ignored. All nodes are included. + + + If this value is nil, the behavior is equivalent to the Ignore policy. + This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + type: string + topologyKey: + description: |- + TopologyKey is the key of node labels. Nodes that have a label with this key + and identical values are considered to be in the same topology. + We consider each as a "bucket", and try to put balanced number + of pods into each bucket. + We define a domain as a particular instance of a topology. + Also, we define an eligible domain as a domain whose nodes meet the requirements of + nodeAffinityPolicy and nodeTaintsPolicy. + e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + It's a required field. + type: string + whenUnsatisfiable: + description: |- + WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + the spread constraint. + - DoNotSchedule (default) tells the scheduler not to schedule it. + - ScheduleAnyway tells the scheduler to schedule the pod in any location, + but giving higher precedence to topologies that would help reduce the + skew. + A constraint is considered "Unsatisfiable" for an incoming pod + if and only if every possible node assignment for that pod would violate + "MaxSkew" on some topology. + For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + labelSelector spread as 3/1/1: + | zone1 | zone2 | zone3 | + | P P P | P | P | + If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + won't make it *more* imbalanced. + It's a required field. + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + volumes: + description: Volumes + items: + description: Volume represents a named volume in a pod + that may be accessed by any container in the pod. + properties: + awsElasticBlockStore: + description: |- + awsElasticBlockStore represents an AWS Disk resource that is attached to a + kubelet's host machine and then exposed to the pod. + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + properties: + fsType: + description: |- + fsType is the filesystem type of the volume that you want to mount. + Tip: Ensure that the filesystem type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from compromising the machine + type: string + partition: + description: |- + partition is the partition in the volume that you want to mount. + If omitted, the default is to mount by volume name. + Examples: For volume /dev/sda1, you specify the partition as "1". + Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + format: int32 + type: integer + readOnly: + description: |- + readOnly value true will force the readOnly setting in VolumeMounts. + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + type: boolean + volumeID: + description: |- + volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + type: string + required: + - volumeID + type: object + azureDisk: + description: azureDisk represents an Azure Data + Disk mount on the host and bind mount to the pod. + properties: + cachingMode: + description: 'cachingMode is the Host Caching + mode: None, Read Only, Read Write.' + type: string + diskName: + description: diskName is the Name of the data + disk in the blob storage + type: string + diskURI: + description: diskURI is the URI of data disk + in the blob storage + type: string + fsType: + description: |- + fsType is Filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + type: string + kind: + description: 'kind expected values are Shared: + multiple blob disks per storage account Dedicated: + single blob disk per storage account Managed: + azure managed data disk (only in managed availability + set). defaults to shared' + type: string + readOnly: + description: |- + readOnly Defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: azureFile represents an Azure File + Service mount on the host and bind mount to the + pod. + properties: + readOnly: + description: |- + readOnly defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + secretName: + description: secretName is the name of secret + that contains Azure Storage Account Name and + Key + type: string + shareName: + description: shareName is the azure share Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: cephFS represents a Ceph FS mount on + the host that shares a pod's lifetime + properties: + monitors: + description: |- + monitors is Required: Monitors is a collection of Ceph monitors + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + items: + type: string + type: array + path: + description: 'path is Optional: Used as the + mounted root, rather than the full Ceph tree, + default is /' + type: string + readOnly: + description: |- + readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + type: boolean + secretFile: + description: |- + secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + type: string + secretRef: + description: |- + secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: |- + user is optional: User is the rados user name, default is admin + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + type: string + required: + - monitors + type: object + cinder: + description: |- + cinder represents a cinder volume attached and mounted on kubelets host machine. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md + properties: + fsType: + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md + type: string + readOnly: + description: |- + readOnly defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md + type: boolean + secretRef: + description: |- + secretRef is optional: points to a secret object containing parameters used to connect + to OpenStack. + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + description: |- + volumeID used to identify the volume in cinder. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md + type: string + required: + - volumeID + type: object + configMap: + description: configMap represents a configMap that + should populate this volume + properties: + defaultMode: + description: |- + defaultMode is optional: mode bits used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + Defaults to 0644. + Directories within the path are not affected by this setting. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + items: + description: |- + items if unspecified, each key-value pair in the Data field of the referenced + ConfigMap will be projected into the volume as a file whose name is the + key and content is the value. If specified, the listed keys will be + projected into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in the ConfigMap, + the volume setup will error unless it is marked optional. Paths must be + relative and may not contain the '..' path or start with '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + path: + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: optional specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + description: csi (Container Storage Interface) represents + ephemeral storage that is handled by certain external + CSI drivers (Beta feature). + properties: + driver: + description: |- + driver is the name of the CSI driver that handles this volume. + Consult with your admin for the correct name as registered in the cluster. + type: string + fsType: + description: |- + fsType to mount. Ex. "ext4", "xfs", "ntfs". + If not provided, the empty value is passed to the associated CSI driver + which will determine the default filesystem to apply. + type: string + nodePublishSecretRef: + description: |- + nodePublishSecretRef is a reference to the secret object containing + sensitive information to pass to the CSI driver to complete the CSI + NodePublishVolume and NodeUnpublishVolume calls. + This field is optional, and may be empty if no secret is required. If the + secret object contains more than one secret, all secret references are passed. + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + description: |- + readOnly specifies a read-only configuration for the volume. + Defaults to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: |- + volumeAttributes stores driver-specific properties that are passed to the CSI + driver. Consult your driver's documentation for supported values. + type: object + required: + - driver + type: object + downwardAPI: + description: downwardAPI represents downward API + about the pod that should populate this volume + properties: + defaultMode: + description: |- + Optional: mode bits to use on created files by default. Must be a + Optional: mode bits used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + Defaults to 0644. + Directories within the path are not affected by this setting. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + items: + description: Items is a list of downward API + volume file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing + the pod field + properties: + fieldRef: + description: 'Required: Selects a field + of the pod: only annotations, labels, + name and namespace are supported.' + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to + select in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: |- + Optional: mode bits used to set permissions on this file, must be an octal value + between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + path: + description: 'Required: Path is the relative + path name of the file to be created. + Must not be absolute or contain the + ''..'' path. Must be utf-8 encoded. + The first item of the relative path + must not start with ''..''' + type: string + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to + select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + description: |- + emptyDir represents a temporary directory that shares a pod's lifetime. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + properties: + medium: + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + description: |- + ephemeral represents a volume that is handled by a cluster storage driver. + The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, + and deleted when the pod is removed. + + + Use this if: + a) the volume is only needed while the pod runs, + b) features of normal volumes like restoring from snapshot or capacity + tracking are needed, + c) the storage driver is specified through a storage class, and + d) the storage driver supports dynamic volume provisioning through + a PersistentVolumeClaim (see EphemeralVolumeSource for more + information on the connection between this volume type + and PersistentVolumeClaim). + + + Use PersistentVolumeClaim or one of the vendor-specific + APIs for volumes that persist for longer than the lifecycle + of an individual pod. + + + Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to + be used that way - see the documentation of the driver for + more information. + + + A pod can use both types of ephemeral volumes and + persistent volumes at the same time. + properties: + volumeClaimTemplate: + description: |- + Will be used to create a stand-alone PVC to provision the volume. + The pod in which this EphemeralVolumeSource is embedded will be the + owner of the PVC, i.e. the PVC will be deleted together with the + pod. The name of the PVC will be `-` where + `` is the name from the `PodSpec.Volumes` array + entry. Pod validation will reject the pod if the concatenated name + is not valid for a PVC (for example, too long). + + + An existing PVC with that name that is not owned by the pod + will *not* be used for the pod to avoid using an unrelated + volume by mistake. Starting the pod is then blocked until + the unrelated PVC is removed. If such a pre-created PVC is + meant to be used by the pod, the PVC has to updated with an + owner reference to the pod once the pod exists. Normally + this should not be necessary, but it may be useful when + manually reconstructing a broken cluster. + + + This field is read-only and no changes will be made by Kubernetes + to the PVC after it has been created. + + + Required, must not be nil. + properties: + metadata: + description: |- + May contain labels and annotations that will be copied into the PVC + when creating it. No other fields are allowed and will be rejected during + validation. + type: object + spec: + description: |- + The specification for the PersistentVolumeClaim. The entire content is + copied unchanged into the PVC that gets created from this + template. The same fields as in a PersistentVolumeClaim + are also valid here. + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of + resource being referenced + type: string + name: + description: Name is the name of + resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of + resource being referenced + type: string + name: + description: Name is the name of + resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query + over volumes to consider for binding. + properties: + matchExpressions: + description: matchExpressions is + a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding + reference to the PersistentVolume + backing this claim. + type: string + type: object + required: + - spec + type: object + type: object + fc: + description: fc represents a Fibre Channel resource + that is attached to a kubelet's host machine and + then exposed to the pod. + properties: + fsType: + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + TODO: how do we prevent errors in the filesystem from compromising the machine + type: string + lun: + description: 'lun is Optional: FC target lun + number' + format: int32 + type: integer + readOnly: + description: |- + readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + targetWWNs: + description: 'targetWWNs is Optional: FC target + worldwide names (WWNs)' + items: + type: string + type: array + wwids: + description: |- + wwids Optional: FC volume world wide identifiers (wwids) + Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. + items: + type: string + type: array + type: object + flexVolume: + description: |- + flexVolume represents a generic volume resource that is + provisioned/attached using an exec based plugin. + properties: + driver: + description: driver is the name of the driver + to use for this volume. + type: string + fsType: + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. + type: string + options: + additionalProperties: + type: string + description: 'options is Optional: this field + holds extra command options if any.' + type: object + readOnly: + description: |- + readOnly is Optional: defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: |- + secretRef is Optional: secretRef is reference to the secret object containing + sensitive information to pass to the plugin scripts. This may be + empty if no secret object is specified. If the secret object + contains more than one secret, all secrets are passed to the plugin + scripts. + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + description: flocker represents a Flocker volume + attached to a kubelet's host machine. This depends + on the Flocker control service being running + properties: + datasetName: + description: |- + datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker + should be considered as deprecated + type: string + datasetUUID: + description: datasetUUID is the UUID of the + dataset. This is unique identifier of a Flocker + dataset + type: string + type: object + gcePersistentDisk: + description: |- + gcePersistentDisk represents a GCE Disk resource that is attached to a + kubelet's host machine and then exposed to the pod. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + properties: + fsType: + description: |- + fsType is filesystem type of the volume that you want to mount. + Tip: Ensure that the filesystem type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from compromising the machine + type: string + partition: + description: |- + partition is the partition in the volume that you want to mount. + If omitted, the default is to mount by volume name. + Examples: For volume /dev/sda1, you specify the partition as "1". + Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + format: int32 + type: integer + pdName: + description: |- + pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + type: string + readOnly: + description: |- + readOnly here will force the ReadOnly setting in VolumeMounts. + Defaults to false. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + type: boolean + required: + - pdName + type: object + gitRepo: + description: |- + gitRepo represents a git repository at a particular revision. + DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir + into the Pod's container. + properties: + directory: + description: |- + directory is the target directory name. + Must not contain or start with '..'. If '.' is supplied, the volume directory will be the + git repository. Otherwise, if specified, the volume will contain the git repository in + the subdirectory with the given name. + type: string + repository: + description: repository is the URL + type: string + revision: + description: revision is the commit hash for + the specified revision. + type: string + required: + - repository + type: object + glusterfs: + description: |- + glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + More info: https://examples.k8s.io/volumes/glusterfs/README.md + properties: + endpoints: + description: |- + endpoints is the endpoint name that details Glusterfs topology. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + type: string + path: + description: |- + path is the Glusterfs volume path. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + type: string + readOnly: + description: |- + readOnly here will force the Glusterfs volume to be mounted with read-only permissions. + Defaults to false. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: |- + hostPath represents a pre-existing file or directory on the host + machine that is directly exposed to the container. This is generally + used for system agents or other privileged things that are allowed + to see the host machine. Most containers will NOT need this. + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- + TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not + mount host directories as read/write. + properties: + path: + description: |- + path of the directory on the host. + If the path is a symlink, it will follow the link to the real path. + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + type: string + type: + description: |- + type for HostPath Volume + Defaults to "" + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + type: string + required: + - path + type: object + iscsi: + description: |- + iscsi represents an ISCSI Disk resource that is attached to a + kubelet's host machine and then exposed to the pod. + More info: https://examples.k8s.io/volumes/iscsi/README.md + properties: + chapAuthDiscovery: + description: chapAuthDiscovery defines whether + support iSCSI Discovery CHAP authentication + type: boolean + chapAuthSession: + description: chapAuthSession defines whether + support iSCSI Session CHAP authentication + type: boolean + fsType: + description: |- + fsType is the filesystem type of the volume that you want to mount. + Tip: Ensure that the filesystem type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from compromising the machine + type: string + initiatorName: + description: |- + initiatorName is the custom iSCSI Initiator Name. + If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface + : will be created for the connection. + type: string + iqn: + description: iqn is the target iSCSI Qualified + Name. + type: string + iscsiInterface: + description: |- + iscsiInterface is the interface Name that uses an iSCSI transport. + Defaults to 'default' (tcp). + type: string + lun: + description: lun represents iSCSI Target Lun + number. + format: int32 + type: integer + portals: + description: |- + portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port + is other than default (typically TCP ports 860 and 3260). + items: + type: string + type: array + readOnly: + description: |- + readOnly here will force the ReadOnly setting in VolumeMounts. + Defaults to false. + type: boolean + secretRef: + description: secretRef is the CHAP Secret for + iSCSI target and initiator authentication + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + description: |- + targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port + is other than default (typically TCP ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: |- + name of the volume. + Must be a DNS_LABEL and unique within the pod. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + nfs: + description: |- + nfs represents an NFS mount on the host that shares a pod's lifetime + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + properties: + path: + description: |- + path that is exported by the NFS server. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + type: string + readOnly: + description: |- + readOnly here will force the NFS export to be mounted with read-only permissions. + Defaults to false. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + type: boolean + server: + description: |- + server is the hostname or IP address of the NFS server. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: |- + persistentVolumeClaimVolumeSource represents a reference to a + PersistentVolumeClaim in the same namespace. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + claimName: + description: |- + claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + type: string + readOnly: + description: |- + readOnly Will force the ReadOnly setting in VolumeMounts. + Default false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: photonPersistentDisk represents a PhotonController + persistent disk attached and mounted on kubelets + host machine + properties: + fsType: + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + type: string + pdID: + description: pdID is the ID that identifies + Photon Controller persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: portworxVolume represents a portworx + volume attached and mounted on kubelets host machine + properties: + fsType: + description: |- + fSType represents the filesystem type to mount + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. + type: string + readOnly: + description: |- + readOnly defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + volumeID: + description: volumeID uniquely identifies a + Portworx volume + type: string + required: + - volumeID + type: object + projected: + description: projected items for all in one resources + secrets, configmaps, and downward API + properties: + defaultMode: + description: |- + defaultMode are the mode bits used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + Directories within the path are not affected by this setting. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + sources: + description: sources is the list of volume projections + items: + description: Projection that may be projected + along with other supported volume types + properties: + clusterTrustBundle: + description: |- + ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + of ClusterTrustBundle objects in an auto-updating file. + + + Alpha, gated by the ClusterTrustBundleProjection feature gate. + + + ClusterTrustBundle objects can either be selected by name, or by the + combination of signer name and a label selector. + + + Kubelet performs aggressive normalization of the PEM contents written + into the pod filesystem. Esoteric PEM features such as inter-block + comments and block headers are stripped. Certificates are deduplicated. + The ordering of certificates within the file is arbitrary, and Kubelet + may change the order over time. + properties: + labelSelector: + description: |- + Select all ClusterTrustBundles that match this label selector. Only has + effect if signerName is set. Mutually-exclusive with name. If unset, + interpreted as "match nothing". If set but empty, interpreted as "match + everything". + properties: + matchExpressions: + description: matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the + label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + name: + description: |- + Select a single ClusterTrustBundle by object name. Mutually-exclusive + with signerName and labelSelector. + type: string + optional: + description: |- + If true, don't block pod startup if the referenced ClusterTrustBundle(s) + aren't available. If using name, then the named ClusterTrustBundle is + allowed not to exist. If using signerName, then the combination of + signerName and labelSelector is allowed to match zero + ClusterTrustBundles. + type: boolean + path: + description: Relative path from the + volume root to write the bundle. + type: string + signerName: + description: |- + Select all ClusterTrustBundles that match this signer name. + Mutually-exclusive with name. The contents of all selected + ClusterTrustBundles will be unified and deduplicated. + type: string + required: + - path + type: object + configMap: + description: configMap information about + the configMap data to project + properties: + items: + description: |- + items if unspecified, each key-value pair in the Data field of the referenced + ConfigMap will be projected into the volume as a file whose name is the + key and content is the value. If specified, the listed keys will be + projected into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in the ConfigMap, + the volume setup will error unless it is marked optional. Paths must be + relative and may not contain the '..' path or start with '..'. + items: + description: Maps a string key to + a path within a volume. + properties: + key: + description: key is the key + to project. + type: string + mode: + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + path: + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: optional specify whether + the ConfigMap or its keys must be + defined + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + description: downwardAPI information about + the downwardAPI data to project + properties: + items: + description: Items is a list of DownwardAPIVolume + file + items: + description: DownwardAPIVolumeFile + represents information to create + the file containing the pod field + properties: + fieldRef: + description: 'Required: Selects + a field of the pod: only annotations, + labels, name and namespace + are supported.' + properties: + apiVersion: + description: Version of + the schema the FieldPath + is written in terms of, + defaults to "v1". + type: string + fieldPath: + description: Path of the + field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: |- + Optional: mode bits used to set permissions on this file, must be an octal value + between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + path: + description: 'Required: Path + is the relative path name + of the file to be created. + Must not be absolute or contain + the ''..'' path. Must be utf-8 + encoded. The first item of + the relative path must not + start with ''..''' + type: string + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + properties: + containerName: + description: 'Container + name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the + output format of the exposed + resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: + resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + description: secret information about + the secret data to project + properties: + items: + description: |- + items if unspecified, each key-value pair in the Data field of the referenced + Secret will be projected into the volume as a file whose name is the + key and content is the value. If specified, the listed keys will be + projected into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in the Secret, + the volume setup will error unless it is marked optional. Paths must be + relative and may not contain the '..' path or start with '..'. + items: + description: Maps a string key to + a path within a volume. + properties: + key: + description: key is the key + to project. + type: string + mode: + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + path: + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: optional field specify + whether the Secret or its key must + be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + description: serviceAccountToken is information + about the serviceAccountToken data to + project + properties: + audience: + description: |- + audience is the intended audience of the token. A recipient of a token + must identify itself with an identifier specified in the audience of the + token, and otherwise should reject the token. The audience defaults to the + identifier of the apiserver. + type: string + expirationSeconds: + description: |- + expirationSeconds is the requested duration of validity of the service + account token. As the token approaches expiration, the kubelet volume + plugin will proactively rotate the service account token. The kubelet will + start trying to rotate the token if the token is older than 80 percent of + its time to live or if the token is older than 24 hours.Defaults to 1 hour + and must be at least 10 minutes. + format: int64 + type: integer + path: + description: |- + path is the path relative to the mount point of the file to project the + token into. + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + description: quobyte represents a Quobyte mount + on the host that shares a pod's lifetime + properties: + group: + description: |- + group to map volume access to + Default is no group + type: string + readOnly: + description: |- + readOnly here will force the Quobyte volume to be mounted with read-only permissions. + Defaults to false. + type: boolean + registry: + description: |- + registry represents a single or multiple Quobyte Registry services + specified as a string as host:port pair (multiple entries are separated with commas) + which acts as the central registry for volumes + type: string + tenant: + description: |- + tenant owning the given Quobyte volume in the Backend + Used with dynamically provisioned Quobyte volumes, value is set by the plugin + type: string + user: + description: |- + user to map volume access to + Defaults to serivceaccount user + type: string + volume: + description: volume is a string that references + an already created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: |- + rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + More info: https://examples.k8s.io/volumes/rbd/README.md + properties: + fsType: + description: |- + fsType is the filesystem type of the volume that you want to mount. + Tip: Ensure that the filesystem type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from compromising the machine + type: string + image: + description: |- + image is the rados image name. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + type: string + keyring: + description: |- + keyring is the path to key ring for RBDUser. + Default is /etc/ceph/keyring. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + type: string + monitors: + description: |- + monitors is a collection of Ceph monitors. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + items: + type: string + type: array + pool: + description: |- + pool is the rados pool name. + Default is rbd. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + type: string + readOnly: + description: |- + readOnly here will force the ReadOnly setting in VolumeMounts. + Defaults to false. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + type: boolean + secretRef: + description: |- + secretRef is name of the authentication secret for RBDUser. If provided + overrides keyring. + Default is nil. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: |- + user is the rados user name. + Default is admin. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + type: string + required: + - image + - monitors + type: object + scaleIO: + description: scaleIO represents a ScaleIO persistent + volume attached and mounted on Kubernetes nodes. + properties: + fsType: + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". + Default is "xfs". + type: string + gateway: + description: gateway is the host address of + the ScaleIO API Gateway. + type: string + protectionDomain: + description: protectionDomain is the name of + the ScaleIO Protection Domain for the configured + storage. + type: string + readOnly: + description: |- + readOnly Defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: |- + secretRef references to the secret for ScaleIO user and other + sensitive information. If this is not provided, Login operation will fail. + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + description: sslEnabled Flag enable/disable + SSL communication with Gateway, default false + type: boolean + storageMode: + description: |- + storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. + Default is ThinProvisioned. + type: string + storagePool: + description: storagePool is the ScaleIO Storage + Pool associated with the protection domain. + type: string + system: + description: system is the name of the storage + system as configured in ScaleIO. + type: string + volumeName: + description: |- + volumeName is the name of a volume already created in the ScaleIO system + that is associated with this volume source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: |- + secret represents a secret that should populate this volume. + More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + properties: + defaultMode: + description: |- + defaultMode is Optional: mode bits used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values + for mode bits. Defaults to 0644. + Directories within the path are not affected by this setting. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + items: + description: |- + items If unspecified, each key-value pair in the Data field of the referenced + Secret will be projected into the volume as a file whose name is the + key and content is the value. If specified, the listed keys will be + projected into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in the Secret, + the volume setup will error unless it is marked optional. Paths must be + relative and may not contain the '..' path or start with '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + path: + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: optional field specify whether + the Secret or its keys must be defined + type: boolean + secretName: + description: |- + secretName is the name of the secret in the pod's namespace to use. + More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + type: string + type: object + storageos: + description: storageOS represents a StorageOS volume + attached and mounted on Kubernetes nodes. + properties: + fsType: + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + type: string + readOnly: + description: |- + readOnly defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: |- + secretRef specifies the secret to use for obtaining the StorageOS API + credentials. If not specified, default values will be attempted. + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + description: |- + volumeName is the human-readable name of the StorageOS volume. Volume + names are only unique within a namespace. + type: string + volumeNamespace: + description: |- + volumeNamespace specifies the scope of the volume within StorageOS. If no + namespace is specified then the Pod's namespace will be used. This allows the + Kubernetes name scoping to be mirrored within StorageOS for tighter integration. + Set VolumeName to any name to override the default behaviour. + Set to "default" if you are not using namespaces within StorageOS. + Namespaces that do not pre-exist within StorageOS will be created. + type: string + type: object + vsphereVolume: + description: vsphereVolume represents a vSphere + volume attached and mounted on kubelets host machine + properties: + fsType: + description: |- + fsType is filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + type: string + storagePolicyID: + description: storagePolicyID is the storage + Policy Based Management (SPBM) profile ID + associated with the StoragePolicyName. + type: string + storagePolicyName: + description: storagePolicyName is the storage + Policy Based Management (SPBM) profile name. + type: string + volumePath: + description: volumePath is the path that identifies + vSphere volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + required: + - containers + type: object + type: object + traits: + description: the traits needed to run this Integration + properties: + 3scale: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + addons: + additionalProperties: + description: AddonTrait represents the configuration of + an addon trait. + type: object + x-kubernetes-preserve-unknown-fields: true + description: The extension point with addon traits + type: object + affinity: + description: The configuration of Affinity trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + nodeAffinityLabels: + description: Defines a set of nodes the integration pod(s) + are eligible to be scheduled on, based on labels on + the node. + items: + type: string + type: array + podAffinity: + description: Always co-locates multiple replicas of the + integration in the same node (default `false`). + type: boolean + podAffinityLabels: + description: |- + Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the + integration pod(s) should be co-located with. + items: + type: string + type: array + podAntiAffinity: + description: Never co-locates multiple replicas of the + integration in the same node (default `false`). + type: boolean + podAntiAffinityLabels: + description: |- + Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the + integration pod(s) should not be co-located with. + items: + type: string + type: array + type: object + builder: + description: The configuration of Builder trait + properties: + annotations: + additionalProperties: + type: string + description: When using `pod` strategy, annotation to + use for the builder pod. + type: object + baseImage: + description: |- + Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK + installed and ready to use on path (ie `/usr/bin/java`). + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + incrementalImageBuild: + description: Use the incremental image build option, to + reuse existing containers (default `true`) + type: boolean + limitCPU: + description: |- + When using `pod` strategy, the maximum amount of CPU required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + limitMemory: + description: |- + When using `pod` strategy, the maximum amount of memory required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + mavenProfiles: + description: |- + A list of references pointing to configmaps/secrets that contains a maven profile. + This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit. + The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM. + Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml). + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: Defines a set of nodes the builder pod is + eligible to be scheduled on, based on labels on the + node. + type: object + orderStrategy: + description: The build order strategy to use, either `dependencies`, + `fifo` or `sequential` (default is the platform default) + enum: + - dependencies + - fifo + - sequential + type: string + platforms: + description: The list of manifest platforms to use to + build a container image (default `linux/amd64`). + items: + type: string + type: array + properties: + description: A list of properties to be provided to the + build task + items: + type: string + type: array + requestCPU: + description: |- + When using `pod` strategy, the minimum amount of CPU required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + requestMemory: + description: |- + When using `pod` strategy, the minimum amount of memory required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + strategy: + description: The strategy to use, either `pod` or `routine` + (default `routine`) + enum: + - pod + - routine + type: string + tasks: + description: A list of tasks to be executed (available + only when using `pod` strategy) with format `;;`. + items: + type: string + type: array + tasksFilter: + description: |- + A list of tasks sorted by the order of execution in a csv format, ie, `,,...`. + Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`) + if you need to execute them. Useful only with `pod` strategy. + type: string + tasksLimitCPU: + description: A list of limit cpu configuration for the + specific task with format `:`. + items: + type: string + type: array + tasksLimitMemory: + description: A list of limit memory configuration for + the specific task with format `:`. + items: + type: string + type: array + tasksRequestCPU: + description: A list of request cpu configuration for the + specific task with format `:`. + items: + type: string + type: array + tasksRequestMemory: + description: A list of request memory configuration for + the specific task with format `:`. + items: + type: string + type: array + verbose: + description: |- + Enable verbose logging on build components that support it (e.g. Kaniko build pod). + Deprecated no longer in use + type: boolean + type: object + camel: + description: The configuration of Camel trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + properties: + description: A list of properties to be provided to the + Integration runtime + items: + type: string + type: array + runtimeVersion: + description: |- + The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform. + You can use a fixed version (for example "3.2.3") or a semantic version (for example "3.x") which will try to resolve + to the best matching Catalog existing on the cluster. + type: string + type: object + container: + description: The configuration of Container trait + properties: + allowPrivilegeEscalation: + description: Security Context AllowPrivilegeEscalation + configuration (default false). + type: boolean + auto: + description: To automatically enable the trait + type: boolean + capabilitiesAdd: + description: Security Context Capabilities Add configuration + (default none). + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + capabilitiesDrop: + description: Security Context Capabilities Drop configuration + (default ALL). + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + expose: + description: Can be used to enable/disable exposure via + kubernetes Service. + type: boolean + image: + description: |- + The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which + won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead + Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an "external" IntegrationKit. + type: string + imagePullPolicy: + description: 'The pull policy: Always|Never|IfNotPresent' + enum: + - Always + - Never + - IfNotPresent + type: string + limitCPU: + description: The maximum amount of CPU to be provided + (default 500 millicores). + type: string + limitMemory: + description: The maximum amount of memory to be provided + (default 512 Mi). + type: string + name: + description: The main container name. It's named `integration` + by default. + type: string + port: + description: To configure a different port exposed by + the container (default `8080`). + type: integer + portName: + description: To configure a different port name for the + port exposed by the container. It defaults to `http` + only when the `expose` parameter is true. + type: string + requestCPU: + description: The minimum amount of CPU required (default + 125 millicores). + type: string + requestMemory: + description: The minimum amount of memory required (default + 128 Mi). + type: string + runAsNonRoot: + description: Security Context RunAsNonRoot configuration + (default false). + type: boolean + runAsUser: + description: 'Security Context RunAsUser configuration + (default none): this value is automatically retrieved + in Openshift clusters when not explicitly set.' + format: int64 + type: integer + seccompProfileType: + description: Security Context SeccompProfileType configuration + (default RuntimeDefault). + enum: + - Unconfined + - RuntimeDefault + type: string + servicePort: + description: To configure under which service port the + container port is to be exposed (default `80`). + type: integer + servicePortName: + description: To configure under which service port name + the container port is to be exposed (default `http`). + type: string + type: object + cron: + description: The configuration of Cron trait + properties: + activeDeadlineSeconds: + description: |- + Specifies the duration in seconds, relative to the start time, that the job + may be continuously active before it is considered to be failed. + It defaults to 60s. + format: int64 + type: integer + auto: + description: |- + Automatically deploy the integration as CronJob when all routes are + either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer). + + + It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`, + while `35m` or `50s` cannot). + type: boolean + backoffLimit: + description: |- + Specifies the number of retries before marking the job failed. + It defaults to 2. + format: int32 + type: integer + components: + description: |- + A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes. + Supported components are currently: `cron`, `timer` and `quartz`. + type: string + concurrencyPolicy: + description: |- + Specifies how to treat concurrent executions of a Job. + Valid values are: + - "Allow": allows CronJobs to run concurrently; + - "Forbid" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet; + - "Replace": cancels currently running job and replaces it with a new one + enum: + - Allow + - Forbid + - Replace + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + fallback: + description: |- + Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration + as Kubernetes CronJob. + type: boolean + schedule: + description: |- + The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this + mechanism to work correctly. + type: string + startingDeadlineSeconds: + description: |- + Optional deadline in seconds for starting the job if it misses scheduled + time for any reason. Missed jobs executions will be counted as failed ones. + format: int64 + type: integer + timeZone: + description: The timezone that the CronJob will run on + type: string + type: object + dependencies: + description: The configuration of Dependencies trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + type: object + deployer: + description: The configuration of Deployer trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + kind: + description: Allows to explicitly select the desired deployment + kind between `deployment`, `cron-job` or `knative-service` + when creating the resources for running the integration. + enum: + - deployment + - cron-job + - knative-service + type: string + useSSA: + description: |- + Deprecated: won't be able to enforce client side update in the future. + Use server-side apply to update the owned resources (default `true`). + Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters. + type: boolean + type: object + deployment: + description: The configuration of Deployment trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + progressDeadlineSeconds: + description: |- + The maximum time in seconds for the deployment to make progress before it + is considered to be failed. It defaults to `60s`. + format: int32 + type: integer + rollingUpdateMaxSurge: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be scheduled above the desired number of + pods. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + This can not be 0 if MaxUnavailable is 0. + Absolute number is calculated from percentage by rounding up. + Defaults to `25%`. + x-kubernetes-int-or-string: true + rollingUpdateMaxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be unavailable during the update. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + Absolute number is calculated from percentage by rounding down. + This can not be 0 if MaxSurge is 0. + Defaults to `25%`. + x-kubernetes-int-or-string: true + strategy: + description: The deployment strategy to use to replace + existing pods with new ones. + enum: + - Recreate + - RollingUpdate + type: string + type: object + environment: + description: The configuration of Environment trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + containerMeta: + description: Enables injection of `NAMESPACE` and `POD_NAME` + environment variables (default `true`) + type: boolean + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + httpProxy: + description: Propagates the `HTTP_PROXY`, `HTTPS_PROXY` + and `NO_PROXY` environment variables (default `true`) + type: boolean + vars: + description: |- + A list of environment variables to be added to the integration container. + The syntax is either VAR=VALUE or VAR=[configmap|secret]:name/key, where name represents the resource name, + and key represents the resource key to be mapped as and environment variable. + These take precedence over any previously defined environment variables. + items: + type: string + type: array + type: object + error-handler: + description: The configuration of Error Handler trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + ref: + description: The error handler ref name provided or found + in application properties + type: string + type: object + gc: + description: The configuration of GC trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + discoveryCache: + description: |- + Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`). + Deprecated: to be removed from trait configuration. + enum: + - disabled + - disk + - memory + type: string + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + type: object + health: + description: The configuration of Health trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + livenessFailureThreshold: + description: Minimum consecutive failures for the liveness + probe to be considered failed after having succeeded. + format: int32 + type: integer + livenessInitialDelay: + description: Number of seconds after the container has + started before the liveness probe is initiated. + format: int32 + type: integer + livenessPeriod: + description: How often to perform the liveness probe. + format: int32 + type: integer + livenessProbe: + description: The liveness probe path to use (default provided + by the Catalog runtime used). + type: string + livenessProbeEnabled: + description: Configures the liveness probe for the integration + container (default `false`). + type: boolean + livenessScheme: + description: Scheme to use when connecting to the liveness + probe (default `HTTP`). + type: string + livenessSuccessThreshold: + description: Minimum consecutive successes for the liveness + probe to be considered successful after having failed. + format: int32 + type: integer + livenessTimeout: + description: Number of seconds after which the liveness + probe times out. + format: int32 + type: integer + readinessFailureThreshold: + description: Minimum consecutive failures for the readiness + probe to be considered failed after having succeeded. + format: int32 + type: integer + readinessInitialDelay: + description: Number of seconds after the container has + started before the readiness probe is initiated. + format: int32 + type: integer + readinessPeriod: + description: How often to perform the readiness probe. + format: int32 + type: integer + readinessProbe: + description: The readiness probe path to use (default + provided by the Catalog runtime used). + type: string + readinessProbeEnabled: + description: Configures the readiness probe for the integration + container (default `true`). + type: boolean + readinessScheme: + description: Scheme to use when connecting to the readiness + probe (default `HTTP`). + type: string + readinessSuccessThreshold: + description: Minimum consecutive successes for the readiness + probe to be considered successful after having failed. + format: int32 + type: integer + readinessTimeout: + description: Number of seconds after which the readiness + probe times out. + format: int32 + type: integer + startupFailureThreshold: + description: Minimum consecutive failures for the startup + probe to be considered failed after having succeeded. + format: int32 + type: integer + startupInitialDelay: + description: Number of seconds after the container has + started before the startup probe is initiated. + format: int32 + type: integer + startupPeriod: + description: How often to perform the startup probe. + format: int32 + type: integer + startupProbe: + description: The startup probe path to use (default provided + by the Catalog runtime used). + type: string + startupProbeEnabled: + description: Configures the startup probe for the integration + container (default `false`). + type: boolean + startupScheme: + description: Scheme to use when connecting to the startup + probe (default `HTTP`). + type: string + startupSuccessThreshold: + description: Minimum consecutive successes for the startup + probe to be considered successful after having failed. + format: int32 + type: integer + startupTimeout: + description: Number of seconds after which the startup + probe times out. + format: int32 + type: integer + type: object + ingress: + description: The configuration of Ingress trait + properties: + annotations: + additionalProperties: + type: string + description: |- + The annotations added to the ingress. + This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller: + See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md + type: object + auto: + description: To automatically add an ingress whenever + the integration uses an HTTP endpoint consumer. + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + host: + description: To configure the host exposed by the ingress. + type: string + ingressClassName: + description: |- + The Ingress class name as defined by the Ingress spec + See https://kubernetes.io/docs/concepts/services-networking/ingress/ + type: string + path: + description: To configure the path exposed by the ingress + (default `/`). + type: string + pathType: + description: |- + To configure the path type exposed by the ingress. + One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`). + enum: + - Exact + - Prefix + - ImplementationSpecific + type: string + tlsHosts: + description: To configure tls hosts + items: + type: string + type: array + tlsSecretName: + description: To configure tls secret name + type: string + type: object + istio: + description: The configuration of Istio trait + properties: + allow: + description: Configures a (comma-separated) list of CIDR + subnets that should not be intercepted by the Istio + proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16` by + default). + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + inject: + description: Forces the value for labels `sidecar.istio.io/inject`. + By default the label is set to `true` on deployment + and not set on Knative Service. + type: boolean + type: object + jolokia: + description: The configuration of Jolokia trait + properties: + CACert: + description: |- + The PEM encoded CA certification file path, used to verify client certificates, + applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` + (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift). + type: string + clientPrincipal: + description: |- + The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint, + applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` + (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift). + items: + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + discoveryEnabled: + description: Listen for multicast requests (default `false`) + type: boolean + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + extendedClientCheck: + description: |- + Mandate the client certificate contains a client flag in the extended key usage section, + applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` + (default `true` for OpenShift). + type: boolean + host: + description: |- + The Host address to which the Jolokia agent should bind to. If `"\*"` or `"0.0.0.0"` is given, + the servers binds to every network interface (default `"*"`). + type: string + options: + description: |- + A list of additional Jolokia options as defined + in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options] + items: + type: string + type: array + password: + description: The password used for authentication, applicable + when the `user` option is set. + type: string + port: + description: The Jolokia endpoint port (default `8778`). + type: integer + protocol: + description: The protocol to use, either `http` or `https` + (default `https` for OpenShift) + type: string + useSSLClientAuthentication: + description: Whether client certificates should be used + for authentication (default `true` for OpenShift). + type: boolean + user: + description: The user to be used for authentication + type: string + type: object + jvm: + description: The configuration of JVM trait + properties: + classpath: + description: Additional JVM classpath (use `Linux` classpath + separator) + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + debug: + description: Activates remote debugging, so that a debugger + can be attached to the JVM, e.g., using port-forwarding + type: boolean + debugAddress: + description: Transport address at which to listen for + the newly launched JVM (default `*:5005`) + type: string + debugSuspend: + description: Suspends the target JVM immediately before + the main class is loaded + type: boolean + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + jar: + description: The Jar dependency which will run the application. + Leave it empty for managed Integrations. + type: string + options: + description: A list of JVM options + items: + type: string + type: array + printCommand: + description: |- + Prints the command used the start the JVM in the container logs (default `true`) + Deprecated: no longer in use. + type: boolean + type: object + kamelets: + description: The configuration of Kamelets trait + properties: + auto: + description: Automatically inject all referenced Kamelets + and their default configuration (enabled by default) + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + list: + description: Comma separated list of Kamelet names to + load into the current integration + type: string + mountPoint: + description: The directory where the application mounts + and reads Kamelet spec (default `/etc/camel/kamelets`) + type: string + type: object + keda: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + knative: + description: The configuration of Knative trait + properties: + auto: + description: Enable automatic discovery of all trait properties. + type: boolean + channelSinks: + description: |- + List of channels used as destination of integration routes. + Can contain simple channel names or full Camel URIs. + items: + type: string + type: array + channelSources: + description: |- + List of channels used as source of integration routes. + Can contain simple channel names or full Camel URIs. + items: + type: string + type: array + config: + description: Can be used to inject a Knative complete + configuration in JSON format. + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + endpointSinks: + description: |- + List of endpoints used as destination of integration routes. + Can contain simple endpoint names or full Camel URIs. + items: + type: string + type: array + endpointSources: + description: List of channels used as source of integration + routes. + items: + type: string + type: array + eventSinks: + description: |- + List of event types that the integration will produce. + Can contain simple event types or full Camel URIs (to use a specific broker). + items: + type: string + type: array + eventSources: + description: |- + List of event types that the integration will be subscribed to. + Can contain simple event types or full Camel URIs (to use a specific broker different from "default"). + items: + type: string + type: array + filterEventType: + description: |- + Enables the default filtering for the Knative trigger using the event type + If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true) + type: boolean + filterSourceChannels: + description: |- + Enables filtering on events based on the header "ce-knativehistory". Since this header has been removed in newer versions of + Knative, filtering is disabled by default. + type: boolean + filters: + description: |- + Sets filter attributes on the event stream (such as event type, source, subject and so on). + A list of key-value pairs that represent filter attributes and its values. + The syntax is KEY=VALUE, e.g., `source="my.source"`. + Filter attributes get set on the Knative trigger that is being created as part of this integration. + items: + type: string + type: array + namespaceLabel: + description: |- + Enables the camel-k-operator to set the "bindings.knative.dev/include=true" label to the namespace + As Knative requires this label to perform injection of K_SINK URL into the service. + If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true) + type: boolean + sinkBinding: + description: |- + Allows binding the integration to a sink via a Knative SinkBinding resource. + This can be used when the integration targets a single sink. + It's enabled by default when the integration targets a single sink + (except when the integration is owned by a Knative source). + type: boolean + type: object + knative-service: + description: The configuration of Knative Service trait + properties: + annotations: + additionalProperties: + type: string + description: |- + The annotations added to route. + This can be used to set knative service specific annotations + CLI usage example: -t "knative-service.annotations.'haproxy.router.openshift.io/balance'=true" + type: object + auto: + description: |- + Automatically deploy the integration as Knative service when all conditions hold: + + + * Integration is using the Knative profile + * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer) + type: boolean + autoscalingMetric: + description: |- + Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling). + + + Refer to the Knative documentation for more information. + type: string + autoscalingTarget: + description: |- + Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod. + + + Refer to the Knative documentation for more information. + type: integer + class: + description: |- + Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling). + + + Refer to the Knative documentation for more information. + enum: + - kpa.autoscaling.knative.dev + - hpa.autoscaling.knative.dev + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + maxScale: + description: |- + An upper bound for the number of Pods that can be running in parallel for the integration. + Knative has its own cap value that depends on the installation. + + + Refer to the Knative documentation for more information. + type: integer + minScale: + description: |- + The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that + the integration is scaled down to zero when not used for a configured amount of time. + + + Refer to the Knative documentation for more information. + type: integer + rolloutDuration: + description: |- + Enables to gradually shift traffic to the latest Revision and sets the rollout duration. + It's disabled by default and must be expressed as a Golang `time.Duration` string representation, + rounded to a second precision. + type: string + timeoutSeconds: + description: |- + The maximum duration in seconds that the request instance is allowed to respond to a request. + This field propagates to the integration pod's terminationGracePeriodSeconds + + + Refer to the Knative documentation for more information. + format: int64 + type: integer + visibility: + description: |- + Setting `cluster-local`, Knative service becomes a private service. + Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service. + + + Refer to the Knative documentation for more information. + enum: + - cluster-local + type: string + type: object + logging: + description: The configuration of Logging trait + properties: + color: + description: Colorize the log output + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + format: + description: Logs message format + type: string + json: + description: Output the logs in JSON + type: boolean + jsonPrettyPrint: + description: Enable "pretty printing" of the JSON logs + type: boolean + level: + description: Adjust the logging level (defaults to `INFO`) + enum: + - FATAL + - WARN + - INFO + - DEBUG + - TRACE + type: string + type: object + master: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + mount: + description: The configuration of Mount trait + properties: + configs: + description: |- + A list of configuration pointing to configmap/secret. + The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files. + They are also made available on the classpath in order to ease their usage directly from the Route. + Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered + items: + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + emptyDirs: + description: |- + A list of EmptyDir volumes to be mounted. An optional size limit may be configured (default 500Mi). + Syntax: name:/container/path[:sizeLimit] + items: + type: string + type: array + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + hotReload: + description: |- + Enable "hot reload" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be + marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for + changes in metadata. + type: boolean + resources: + description: |- + A list of resources (text or binary content) pointing to configmap/secret. + The resources are expected to be any resource type (text or binary content). + The destination path can be either a default location or any path specified by the user. + Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path + items: + type: string + type: array + scanKameletsImplicitLabelSecrets: + description: 'Deprecated: no longer available since version + 2.5.' + type: boolean + volumes: + description: |- + A list of Persistent Volume Claims to be mounted. Syntax: [pvcname:/container/path]. If the PVC is not found, the Integration fails. + You can use the syntax [pvcname:/container/path:size:accessMode<:storageClass>] to create a dynamic PVC based on the Storage Class provided + or the default cluster Storage Class. However, if the PVC exists, the operator would mount it. + items: + type: string + type: array + type: object + openapi: + description: The configuration of OpenAPI trait + properties: + configmaps: + description: The configmaps holding the spec of the OpenAPI + (compatible with > 3.0 spec only). + items: + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + type: object + owner: + description: The configuration of Owner trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + targetAnnotations: + description: The set of annotations to be transferred + items: + type: string + type: array + targetLabels: + description: The set of labels to be transferred + items: + type: string + type: array + type: object + pdb: + description: The configuration of PDB trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + maxUnavailable: + description: |- + The number of pods for the Integration that can be unavailable after an eviction. + It can be either an absolute number or a percentage (default `1` if `min-available` is also not set). + Only one of `max-unavailable` and `min-available` can be specified. + type: string + minAvailable: + description: |- + The number of pods for the Integration that must still be available after an eviction. + It can be either an absolute number or a percentage. + Only one of `min-available` and `max-unavailable` can be specified. + type: string + type: object + platform: + description: The configuration of Platform trait + properties: + auto: + description: |- + To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set). + Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + createDefault: + description: |- + To create a default (empty) platform when the platform is missing. + Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility + type: boolean + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + global: + description: |- + Indicates if the platform should be created globally in the case of global operator (default true). + Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility + type: boolean + type: object + pod: + description: The configuration of Pod trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + type: object + prometheus: + description: The configuration of Prometheus trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + podMonitor: + description: Whether a `PodMonitor` resource is created + (default `true`). + type: boolean + podMonitorLabels: + description: The `PodMonitor` resource labels, applicable + when `pod-monitor` is `true`. + items: + type: string + type: array + type: object + pull-secret: + description: The configuration of Pull Secret trait + properties: + auto: + description: Automatically configures the platform registry + secret on the pod if it is of type `kubernetes.io/dockerconfigjson`. + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + imagePullerDelegation: + description: When using a global operator with a shared + platform, this enables delegation of the `system:image-puller` + cluster role on the operator namespace to the integration + service account. + type: boolean + secretName: + description: The pull secret name to set on the Pod. If + left empty this is automatically taken from the `IntegrationPlatform` + registry configuration. + type: string + type: object + quarkus: + description: The configuration of Quarkus trait + properties: + buildMode: + description: |- + The Quarkus mode to run: either `jvm` or `native` (default `jvm`). + In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created, + with the `native` kit having precedence over the `jvm` one once ready. + items: + description: QuarkusMode is the type of Quarkus build + packaging. + enum: + - jvm + - native + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + nativeBaseImage: + description: The base image to use when running a native + build (default `quay.io/quarkus/quarkus-micro-image:2.0`) + type: string + nativeBuilderImage: + description: The image containing the tooling required + for a native build (by default it will use the one provided + in the runtime catalog) + type: string + packageTypes: + description: |- + The Quarkus package types, `fast-jar` or `native` (default `fast-jar`). + In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created, + with the native kit having precedence over the `fast-jar` one once ready. + The order influences the resolution of the current kit for the integration. + The kit corresponding to the first package type will be assigned to the + integration in case no existing kit that matches the integration exists. + Deprecated: use `build-mode` instead. + items: + description: |- + QuarkusPackageType is the type of Quarkus build packaging. + Deprecated: use `QuarkusMode` instead. + enum: + - fast-jar + - native + type: string + type: array + type: object + registry: + description: |- + The configuration of Registry trait (support removed since version 2.5.0). + Deprecated: use jvm trait or read documentation. + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + type: object + route: + description: The configuration of Route trait + properties: + annotations: + additionalProperties: + type: string + description: |- + The annotations added to route. + This can be used to set route specific annotations + For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations + CLI usage example: -t "route.annotations.'haproxy.router.openshift.io/balance'=true" + type: object + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + host: + description: To configure the host exposed by the route. + type: string + tlsCACertificate: + description: |- + The TLS CA certificate contents. + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsCACertificateSecret: + description: |- + The secret name and key reference to the TLS CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/". + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsCertificate: + description: |- + The TLS certificate contents. + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsCertificateSecret: + description: |- + The secret name and key reference to the TLS certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/". + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsDestinationCACertificate: + description: |- + The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt + termination this file should be provided in order to have routers use it for health checks on the secure connection. + If this field is not specified, the router may provide its own destination CA and perform hostname validation using + the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically + verify. + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsDestinationCACertificateSecret: + description: |- + The secret name and key reference to the destination CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/". + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsInsecureEdgeTerminationPolicy: + description: |- + To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic. + + + Refer to the OpenShift route documentation for additional information. + enum: + - None + - Allow + - Redirect + type: string + tlsKey: + description: |- + The TLS certificate key contents. + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsKeySecret: + description: |- + The secret name and key reference to the TLS certificate key. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/". + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsTermination: + description: |- + The TLS termination type, like `edge`, `passthrough` or `reencrypt`. + + + Refer to the OpenShift route documentation for additional information. + enum: + - edge + - reencrypt + - passthrough + type: string + type: object + security-context: + description: The configuration of Security Context trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + runAsNonRoot: + description: Security Context RunAsNonRoot configuration + (default false). + type: boolean + runAsUser: + description: 'Security Context RunAsUser configuration + (default none): this value is automatically retrieved + in Openshift clusters when not explicitly set.' + format: int64 + type: integer + seccompProfileType: + description: Security Context SeccompProfileType configuration + (default RuntimeDefault). + enum: + - Unconfined + - RuntimeDefault + type: string + type: object + service: + description: The configuration of Service trait + properties: + annotations: + additionalProperties: + type: string + description: The annotations added to the Service object. + type: object + auto: + description: To automatically detect from the code if + a Service needs to be created. + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + labels: + additionalProperties: + type: string + description: The labels added to the Service object. + type: object + nodePort: + description: |- + Enable Service to be exposed as NodePort (default `false`). + Deprecated: Use service type instead. + type: boolean + type: + description: The type of service to be used, either 'ClusterIP', + 'NodePort' or 'LoadBalancer'. + enum: + - ClusterIP + - NodePort + - LoadBalancer + type: string + type: object + service-binding: + description: The configuration of Service Binding trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + services: + description: List of Services in the form [[apigroup/]version:]kind:[namespace/]name + items: + type: string + type: array + type: object + strimzi: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + telemetry: + description: The configuration of Telemetry trait + properties: + auto: + description: Enables automatic configuration of the trait, + including automatic discovery of the telemetry endpoint. + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + endpoint: + description: The target endpoint of the Telemetry service + (automatically discovered by default) + type: string + sampler: + description: The sampler of the telemetry used for tracing + (default "on") + type: string + sampler-parent-based: + description: The sampler of the telemetry used for tracing + is parent based (default "true") + type: boolean + sampler-ratio: + description: The sampler ratio of the telemetry used for + tracing + type: string + serviceName: + description: The name of the service that publishes telemetry + data (defaults to the integration name) + type: string + type: object + toleration: + description: The configuration of Toleration trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + taints: + description: The list of taints to tolerate, in the form + `Key[=Value]:Effect[:Seconds]` + items: + type: string + type: array + type: object + tracing: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + type: object + type: object + replicas: + description: Replicas is the number of desired replicas for the binding + format: int32 + type: integer + serviceAccountName: + description: Custom SA to use for the binding + type: string + sink: + description: Sink is the destination of the integration defined by + this binding + properties: + dataTypes: + additionalProperties: + description: DataTypeReference references to the specification + of a data type by its scheme and format name. + properties: + format: + description: the data type format name + type: string + scheme: + description: the data type component scheme + type: string + type: object + description: DataTypes defines the data type of the data produced/consumed + by the endpoint and references a given data type specification. + type: object + properties: + description: Properties are a key value representation of endpoint + properties + type: object + x-kubernetes-preserve-unknown-fields: true + ref: + description: Ref can be used to declare a Kubernetes resource + as source/sink endpoint + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + types: + additionalProperties: + description: |- + EventTypeSpec represents a specification for an event type. + Deprecated: In favor of using DataTypeSpec. + properties: + mediaType: + description: media type as expected for HTTP media types + (ie, application/json) + type: string + schema: + description: the expected schema for the event + properties: + $schema: + description: JSONSchemaURL represents a schema url. + type: string + description: + type: string + example: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + externalDocs: + description: ExternalDocumentation allows referencing + an external resource for extended documentation. + properties: + description: + type: string + url: + type: string + type: object + id: + type: string + properties: + additionalProperties: + properties: + default: + description: default is a default value for undefined + object fields. + x-kubernetes-preserve-unknown-fields: true + deprecated: + type: boolean + description: + type: string + enum: + items: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + type: array + example: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + exclusiveMaximum: + type: boolean + exclusiveMinimum: + type: boolean + format: + description: |- + format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: + + + - bsonobjectid: a bson object ID, i.e. a 24 characters hex string + - uri: an URI as parsed by Golang net/url.ParseRequestURI + - email: an email address as parsed by Golang net/mail.ParseAddress + - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. + - ipv4: an IPv4 IP as parsed by Golang net.ParseIP + - ipv6: an IPv6 IP as parsed by Golang net.ParseIP + - cidr: a CIDR as parsed by Golang net.ParseCIDR + - mac: a MAC address as parsed by Golang net.ParseMAC + - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" + - isbn10: an ISBN10 number string like "0321751043" + - isbn13: an ISBN13 number string like "978-0321751041" + - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in + - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$ + - hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ + - rgbcolor: an RGB color code like rgb like "rgb(255,255,255)" + - byte: base64 encoded binary data + - password: any kind of string + - date: a date string like "2006-01-02" as defined by full-date in RFC3339 + - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format + - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339. + type: string + id: + type: string + maxItems: + format: int64 + type: integer + maxLength: + format: int64 + type: integer + maxProperties: + format: int64 + type: integer + maximum: + description: A Number represents a JSON number + literal. + type: string + minItems: + format: int64 + type: integer + minLength: + format: int64 + type: integer + minProperties: + format: int64 + type: integer + minimum: + description: A Number represents a JSON number + literal. + type: string + multipleOf: + description: A Number represents a JSON number + literal. + type: string + nullable: + type: boolean + pattern: + type: string + title: + type: string + type: + type: string + uniqueItems: + type: boolean + x-descriptors: + description: XDescriptors is a list of extended + properties that trigger a custom behavior in + external systems + items: + type: string + type: array + type: object + type: object + required: + items: + type: string + type: array + title: + type: string + type: + type: string + type: object + type: object + description: |- + Types defines the data type of the data produced/consumed by the endpoint and references a given data type specification. + Deprecated: In favor of using DataTypes + type: object + uri: + description: URI can be used to specify the (Camel) endpoint explicitly + type: string + type: object + source: + description: Source is the starting point of the integration defined + by this binding + properties: + dataTypes: + additionalProperties: + description: DataTypeReference references to the specification + of a data type by its scheme and format name. + properties: + format: + description: the data type format name + type: string + scheme: + description: the data type component scheme + type: string + type: object + description: DataTypes defines the data type of the data produced/consumed + by the endpoint and references a given data type specification. + type: object + properties: + description: Properties are a key value representation of endpoint + properties + type: object + x-kubernetes-preserve-unknown-fields: true + ref: + description: Ref can be used to declare a Kubernetes resource + as source/sink endpoint + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + types: + additionalProperties: + description: |- + EventTypeSpec represents a specification for an event type. + Deprecated: In favor of using DataTypeSpec. + properties: + mediaType: + description: media type as expected for HTTP media types + (ie, application/json) + type: string + schema: + description: the expected schema for the event + properties: + $schema: + description: JSONSchemaURL represents a schema url. + type: string + description: + type: string + example: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + externalDocs: + description: ExternalDocumentation allows referencing + an external resource for extended documentation. + properties: + description: + type: string + url: + type: string + type: object + id: + type: string + properties: + additionalProperties: + properties: + default: + description: default is a default value for undefined + object fields. + x-kubernetes-preserve-unknown-fields: true + deprecated: + type: boolean + description: + type: string + enum: + items: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + type: array + example: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + exclusiveMaximum: + type: boolean + exclusiveMinimum: + type: boolean + format: + description: |- + format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: + + + - bsonobjectid: a bson object ID, i.e. a 24 characters hex string + - uri: an URI as parsed by Golang net/url.ParseRequestURI + - email: an email address as parsed by Golang net/mail.ParseAddress + - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. + - ipv4: an IPv4 IP as parsed by Golang net.ParseIP + - ipv6: an IPv6 IP as parsed by Golang net.ParseIP + - cidr: a CIDR as parsed by Golang net.ParseCIDR + - mac: a MAC address as parsed by Golang net.ParseMAC + - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" + - isbn10: an ISBN10 number string like "0321751043" + - isbn13: an ISBN13 number string like "978-0321751041" + - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in + - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$ + - hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ + - rgbcolor: an RGB color code like rgb like "rgb(255,255,255)" + - byte: base64 encoded binary data + - password: any kind of string + - date: a date string like "2006-01-02" as defined by full-date in RFC3339 + - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format + - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339. + type: string + id: + type: string + maxItems: + format: int64 + type: integer + maxLength: + format: int64 + type: integer + maxProperties: + format: int64 + type: integer + maximum: + description: A Number represents a JSON number + literal. + type: string + minItems: + format: int64 + type: integer + minLength: + format: int64 + type: integer + minProperties: + format: int64 + type: integer + minimum: + description: A Number represents a JSON number + literal. + type: string + multipleOf: + description: A Number represents a JSON number + literal. + type: string + nullable: + type: boolean + pattern: + type: string + title: + type: string + type: + type: string + uniqueItems: + type: boolean + x-descriptors: + description: XDescriptors is a list of extended + properties that trigger a custom behavior in + external systems + items: + type: string + type: array + type: object + type: object + required: + items: + type: string + type: array + title: + type: string + type: + type: string + type: object + type: object + description: |- + Types defines the data type of the data produced/consumed by the endpoint and references a given data type specification. + Deprecated: In favor of using DataTypes + type: object + uri: + description: URI can be used to specify the (Camel) endpoint explicitly + type: string + type: object + steps: + description: Steps contains an optional list of intermediate steps + that are executed between the Source and the Sink + items: + description: Endpoint represents a source/sink external entity (could + be any Kubernetes resource or Camel URI). + properties: + dataTypes: + additionalProperties: + description: DataTypeReference references to the specification + of a data type by its scheme and format name. + properties: + format: + description: the data type format name + type: string + scheme: + description: the data type component scheme + type: string + type: object + description: DataTypes defines the data type of the data produced/consumed + by the endpoint and references a given data type specification. + type: object + properties: + description: Properties are a key value representation of endpoint + properties + type: object + x-kubernetes-preserve-unknown-fields: true + ref: + description: Ref can be used to declare a Kubernetes resource + as source/sink endpoint + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + types: + additionalProperties: + description: |- + EventTypeSpec represents a specification for an event type. + Deprecated: In favor of using DataTypeSpec. + properties: + mediaType: + description: media type as expected for HTTP media types + (ie, application/json) + type: string + schema: + description: the expected schema for the event + properties: + $schema: + description: JSONSchemaURL represents a schema url. + type: string + description: + type: string + example: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + externalDocs: + description: ExternalDocumentation allows referencing + an external resource for extended documentation. + properties: + description: + type: string + url: + type: string + type: object + id: + type: string + properties: + additionalProperties: + properties: + default: + description: default is a default value for + undefined object fields. + x-kubernetes-preserve-unknown-fields: true + deprecated: + type: boolean + description: + type: string + enum: + items: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + type: array + example: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + exclusiveMaximum: + type: boolean + exclusiveMinimum: + type: boolean + format: + description: |- + format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: + + + - bsonobjectid: a bson object ID, i.e. a 24 characters hex string + - uri: an URI as parsed by Golang net/url.ParseRequestURI + - email: an email address as parsed by Golang net/mail.ParseAddress + - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. + - ipv4: an IPv4 IP as parsed by Golang net.ParseIP + - ipv6: an IPv6 IP as parsed by Golang net.ParseIP + - cidr: a CIDR as parsed by Golang net.ParseCIDR + - mac: a MAC address as parsed by Golang net.ParseMAC + - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" + - isbn10: an ISBN10 number string like "0321751043" + - isbn13: an ISBN13 number string like "978-0321751041" + - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in + - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$ + - hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ + - rgbcolor: an RGB color code like rgb like "rgb(255,255,255)" + - byte: base64 encoded binary data + - password: any kind of string + - date: a date string like "2006-01-02" as defined by full-date in RFC3339 + - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format + - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339. + type: string + id: + type: string + maxItems: + format: int64 + type: integer + maxLength: + format: int64 + type: integer + maxProperties: + format: int64 + type: integer + maximum: + description: A Number represents a JSON number + literal. + type: string + minItems: + format: int64 + type: integer + minLength: + format: int64 + type: integer + minProperties: + format: int64 + type: integer + minimum: + description: A Number represents a JSON number + literal. + type: string + multipleOf: + description: A Number represents a JSON number + literal. + type: string + nullable: + type: boolean + pattern: + type: string + title: + type: string + type: + type: string + uniqueItems: + type: boolean + x-descriptors: + description: XDescriptors is a list of extended + properties that trigger a custom behavior + in external systems + items: + type: string + type: array + type: object + type: object + required: + items: + type: string + type: array + title: + type: string + type: + type: string + type: object + type: object + description: |- + Types defines the data type of the data produced/consumed by the endpoint and references a given data type specification. + Deprecated: In favor of using DataTypes + type: object + uri: + description: URI can be used to specify the (Camel) endpoint + explicitly + type: string + type: object + type: array + type: object + status: + description: the status of a KameletBinding + properties: + conditions: + description: Conditions -- + items: + description: KameletBindingCondition describes the state of a resource + at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + lastUpdateTime: + description: The last time this condition was updated. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + pods: + description: Pods collect health and conditions information + from the owned PODs + items: + properties: + condition: + description: PodCondition contains details for the current + condition of this pod. + properties: + lastProbeTime: + description: Last time we probed the condition. + format: date-time + type: string + lastTransitionTime: + description: Last time the condition transitioned + from one status to another. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for + the condition's last transition. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions + type: string + required: + - status + - type + type: object + health: + items: + properties: + data: + description: |- + RawMessage is a raw encoded JSON value. + It implements Marshaler and Unmarshaler and can + be used to delay JSON decoding or precompute a JSON encoding. + x-kubernetes-preserve-unknown-fields: true + name: + type: string + status: + type: string + type: object + type: array + name: + type: string + required: + - condition + type: object + type: array + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of kameletBinding condition. + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + description: ObservedGeneration is the most recent generation observed + for this KameletBinding. + format: int64 + type: integer + phase: + description: Phase -- + type: string + replicas: + description: Replicas is the number of actual replicas of the binding + format: int32 + type: integer + selector: + description: Selector allows to identify pods belonging to the binding + type: string + type: object + type: object + served: true + storage: true + subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/camel-k/2.5.0/manifests/kamelets.camel.apache.org.crd.yaml b/operators/camel-k/2.5.0/manifests/kamelets.camel.apache.org.crd.yaml new file mode 100644 index 00000000000..4884525b613 --- /dev/null +++ b/operators/camel-k/2.5.0/manifests/kamelets.camel.apache.org.crd.yaml @@ -0,0 +1,2002 @@ +# --------------------------------------------------------------------------- +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# --------------------------------------------------------------------------- + +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + creationTimestamp: null + labels: + app: camel-k + name: kamelets.camel.apache.org +spec: + group: camel.apache.org + names: + categories: + - kamel + - camel + kind: Kamelet + listKind: KameletList + plural: kamelets + shortNames: + - kl + singular: kamelet + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The Kamelet type + jsonPath: .metadata.labels.camel\.apache\.org\/kamelet\.type + name: Type + type: string + - description: The Kamelet provider + jsonPath: .metadata.annotations.camel\.apache\.org\/provider + name: Provider + type: string + - description: The Kamelet bundled + jsonPath: .metadata.labels.camel\.apache\.org\/kamelet\.bundled + name: Bundled + type: string + - description: The Camel compatible version + jsonPath: .metadata.annotations.camel\.apache\.org\/catalog\.version + name: Camel Version + type: string + name: v1 + schema: + openAPIV3Schema: + description: Kamelet is the Schema for the kamelets API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: the desired specification + properties: + dataTypes: + additionalProperties: + description: DataTypesSpec represents the specification for a set + of data types. + properties: + default: + description: the default data type for this Kamelet + type: string + headers: + additionalProperties: + description: HeaderSpec represents the specification for a + header used in the Kamelet. + properties: + default: + type: string + description: + type: string + required: + type: boolean + title: + type: string + type: + type: string + type: object + description: one to many header specifications + type: object + types: + additionalProperties: + description: DataTypeSpec represents the specification for + a data type. + properties: + dependencies: + description: the list of Camel or Maven dependencies required + by the data type + items: + type: string + type: array + description: + description: optional description + type: string + format: + description: the data type format name + type: string + headers: + additionalProperties: + description: HeaderSpec represents the specification + for a header used in the Kamelet. + properties: + default: + type: string + description: + type: string + required: + type: boolean + title: + type: string + type: + type: string + type: object + description: one to many header specifications + type: object + mediaType: + description: media type as expected for HTTP media types + (ie, application/json) + type: string + schema: + description: the expected schema for the data type + properties: + $schema: + description: JSONSchemaURL represents a schema url. + type: string + description: + type: string + example: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + externalDocs: + description: ExternalDocumentation allows referencing + an external resource for extended documentation. + properties: + description: + type: string + url: + type: string + type: object + id: + type: string + properties: + additionalProperties: + properties: + default: + description: default is a default value for + undefined object fields. + x-kubernetes-preserve-unknown-fields: true + deprecated: + type: boolean + description: + type: string + enum: + items: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + type: array + example: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + exclusiveMaximum: + type: boolean + exclusiveMinimum: + type: boolean + format: + description: |- + format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: + + + - bsonobjectid: a bson object ID, i.e. a 24 characters hex string + - uri: an URI as parsed by Golang net/url.ParseRequestURI + - email: an email address as parsed by Golang net/mail.ParseAddress + - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. + - ipv4: an IPv4 IP as parsed by Golang net.ParseIP + - ipv6: an IPv6 IP as parsed by Golang net.ParseIP + - cidr: a CIDR as parsed by Golang net.ParseCIDR + - mac: a MAC address as parsed by Golang net.ParseMAC + - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" + - isbn10: an ISBN10 number string like "0321751043" + - isbn13: an ISBN13 number string like "978-0321751041" + - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in + - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$ + - hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ + - rgbcolor: an RGB color code like rgb like "rgb(255,255,255)" + - byte: base64 encoded binary data + - password: any kind of string + - date: a date string like "2006-01-02" as defined by full-date in RFC3339 + - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format + - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339. + type: string + id: + type: string + maxItems: + format: int64 + type: integer + maxLength: + format: int64 + type: integer + maxProperties: + format: int64 + type: integer + maximum: + description: A Number represents a JSON number + literal. + type: string + minItems: + format: int64 + type: integer + minLength: + format: int64 + type: integer + minProperties: + format: int64 + type: integer + minimum: + description: A Number represents a JSON number + literal. + type: string + multipleOf: + description: A Number represents a JSON number + literal. + type: string + nullable: + type: boolean + pattern: + type: string + title: + type: string + type: + type: string + uniqueItems: + type: boolean + x-descriptors: + description: XDescriptors is a list of extended + properties that trigger a custom behavior + in external systems + items: + type: string + type: array + type: object + type: object + required: + items: + type: string + type: array + title: + type: string + type: + type: string + type: object + scheme: + description: the data type component scheme + type: string + type: object + description: one to many data type specifications + type: object + type: object + description: data specification types for the events consumed/produced + by the Kamelet + type: object + definition: + description: defines the formal configuration of the Kamelet + properties: + $schema: + description: JSONSchemaURL represents a schema url. + type: string + description: + type: string + example: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + externalDocs: + description: ExternalDocumentation allows referencing an external + resource for extended documentation. + properties: + description: + type: string + url: + type: string + type: object + id: + type: string + properties: + additionalProperties: + properties: + default: + description: default is a default value for undefined object + fields. + x-kubernetes-preserve-unknown-fields: true + deprecated: + type: boolean + description: + type: string + enum: + items: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + type: array + example: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + exclusiveMaximum: + type: boolean + exclusiveMinimum: + type: boolean + format: + description: |- + format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: + + + - bsonobjectid: a bson object ID, i.e. a 24 characters hex string + - uri: an URI as parsed by Golang net/url.ParseRequestURI + - email: an email address as parsed by Golang net/mail.ParseAddress + - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. + - ipv4: an IPv4 IP as parsed by Golang net.ParseIP + - ipv6: an IPv6 IP as parsed by Golang net.ParseIP + - cidr: a CIDR as parsed by Golang net.ParseCIDR + - mac: a MAC address as parsed by Golang net.ParseMAC + - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" + - isbn10: an ISBN10 number string like "0321751043" + - isbn13: an ISBN13 number string like "978-0321751041" + - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in + - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$ + - hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ + - rgbcolor: an RGB color code like rgb like "rgb(255,255,255)" + - byte: base64 encoded binary data + - password: any kind of string + - date: a date string like "2006-01-02" as defined by full-date in RFC3339 + - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format + - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339. + type: string + id: + type: string + maxItems: + format: int64 + type: integer + maxLength: + format: int64 + type: integer + maxProperties: + format: int64 + type: integer + maximum: + description: A Number represents a JSON number literal. + type: string + minItems: + format: int64 + type: integer + minLength: + format: int64 + type: integer + minProperties: + format: int64 + type: integer + minimum: + description: A Number represents a JSON number literal. + type: string + multipleOf: + description: A Number represents a JSON number literal. + type: string + nullable: + type: boolean + pattern: + type: string + title: + type: string + type: + type: string + uniqueItems: + type: boolean + x-descriptors: + description: XDescriptors is a list of extended properties + that trigger a custom behavior in external systems + items: + type: string + type: array + type: object + type: object + required: + items: + type: string + type: array + title: + type: string + type: + type: string + type: object + dependencies: + description: Camel dependencies needed by the Kamelet + items: + type: string + type: array + sources: + description: sources in any Camel DSL supported + items: + description: SourceSpec defines the configuration for one or more + routes to be executed in a certain Camel DSL language. + properties: + compression: + description: if the content is compressed (base64 encrypted) + type: boolean + content: + description: the source code (plain text) + type: string + contentKey: + description: the confimap key holding the source content + type: string + contentRef: + description: the confimap reference holding the source content + type: string + contentType: + description: the content type (tipically text or binary) + type: string + from-kamelet: + description: True if the spec is generated from a Kamelet + type: boolean + interceptors: + description: |- + Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader + uses to pre/post process sources + Deprecated: no longer in use. + items: + type: string + type: array + language: + description: specify which is the language (Camel DSL) used + to interpret this source code + type: string + loader: + description: |- + Loader is an optional id of the org.apache.camel.k.RoutesLoader that will + interpret this source at runtime + type: string + name: + description: the name of the specification + type: string + path: + description: the path where the file is stored + type: string + property-names: + description: List of property names defined in the source (e.g. + if type is "template") + items: + type: string + type: array + rawContent: + description: the source code (binary) + format: byte + type: string + type: + description: Type defines the kind of source described by this + object + type: string + type: object + type: array + template: + description: the main source in YAML DSL + type: object + x-kubernetes-preserve-unknown-fields: true + types: + additionalProperties: + description: |- + EventTypeSpec represents a specification for an event type. + Deprecated: In favor of using DataTypeSpec. + properties: + mediaType: + description: media type as expected for HTTP media types (ie, + application/json) + type: string + schema: + description: the expected schema for the event + properties: + $schema: + description: JSONSchemaURL represents a schema url. + type: string + description: + type: string + example: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + externalDocs: + description: ExternalDocumentation allows referencing an + external resource for extended documentation. + properties: + description: + type: string + url: + type: string + type: object + id: + type: string + properties: + additionalProperties: + properties: + default: + description: default is a default value for undefined + object fields. + x-kubernetes-preserve-unknown-fields: true + deprecated: + type: boolean + description: + type: string + enum: + items: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + type: array + example: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + exclusiveMaximum: + type: boolean + exclusiveMinimum: + type: boolean + format: + description: |- + format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: + + + - bsonobjectid: a bson object ID, i.e. a 24 characters hex string + - uri: an URI as parsed by Golang net/url.ParseRequestURI + - email: an email address as parsed by Golang net/mail.ParseAddress + - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. + - ipv4: an IPv4 IP as parsed by Golang net.ParseIP + - ipv6: an IPv6 IP as parsed by Golang net.ParseIP + - cidr: a CIDR as parsed by Golang net.ParseCIDR + - mac: a MAC address as parsed by Golang net.ParseMAC + - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" + - isbn10: an ISBN10 number string like "0321751043" + - isbn13: an ISBN13 number string like "978-0321751041" + - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in + - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$ + - hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ + - rgbcolor: an RGB color code like rgb like "rgb(255,255,255)" + - byte: base64 encoded binary data + - password: any kind of string + - date: a date string like "2006-01-02" as defined by full-date in RFC3339 + - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format + - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339. + type: string + id: + type: string + maxItems: + format: int64 + type: integer + maxLength: + format: int64 + type: integer + maxProperties: + format: int64 + type: integer + maximum: + description: A Number represents a JSON number literal. + type: string + minItems: + format: int64 + type: integer + minLength: + format: int64 + type: integer + minProperties: + format: int64 + type: integer + minimum: + description: A Number represents a JSON number literal. + type: string + multipleOf: + description: A Number represents a JSON number literal. + type: string + nullable: + type: boolean + pattern: + type: string + title: + type: string + type: + type: string + uniqueItems: + type: boolean + x-descriptors: + description: XDescriptors is a list of extended properties + that trigger a custom behavior in external systems + items: + type: string + type: array + type: object + type: object + required: + items: + type: string + type: array + title: + type: string + type: + type: string + type: object + type: object + description: |- + data specification types for the events consumed/produced by the Kamelet + Deprecated: In favor of using DataTypes + type: object + versions: + additionalProperties: + description: KameletSpecBase specifies the base configuration of + a Kamelet. + properties: + dataTypes: + additionalProperties: + description: DataTypesSpec represents the specification for + a set of data types. + properties: + default: + description: the default data type for this Kamelet + type: string + headers: + additionalProperties: + description: HeaderSpec represents the specification + for a header used in the Kamelet. + properties: + default: + type: string + description: + type: string + required: + type: boolean + title: + type: string + type: + type: string + type: object + description: one to many header specifications + type: object + types: + additionalProperties: + description: DataTypeSpec represents the specification + for a data type. + properties: + dependencies: + description: the list of Camel or Maven dependencies + required by the data type + items: + type: string + type: array + description: + description: optional description + type: string + format: + description: the data type format name + type: string + headers: + additionalProperties: + description: HeaderSpec represents the specification + for a header used in the Kamelet. + properties: + default: + type: string + description: + type: string + required: + type: boolean + title: + type: string + type: + type: string + type: object + description: one to many header specifications + type: object + mediaType: + description: media type as expected for HTTP media + types (ie, application/json) + type: string + schema: + description: the expected schema for the data type + properties: + $schema: + description: JSONSchemaURL represents a schema + url. + type: string + description: + type: string + example: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + externalDocs: + description: ExternalDocumentation allows referencing + an external resource for extended documentation. + properties: + description: + type: string + url: + type: string + type: object + id: + type: string + properties: + additionalProperties: + properties: + default: + description: default is a default value + for undefined object fields. + x-kubernetes-preserve-unknown-fields: true + deprecated: + type: boolean + description: + type: string + enum: + items: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + type: array + example: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + exclusiveMaximum: + type: boolean + exclusiveMinimum: + type: boolean + format: + description: |- + format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: + + + - bsonobjectid: a bson object ID, i.e. a 24 characters hex string + - uri: an URI as parsed by Golang net/url.ParseRequestURI + - email: an email address as parsed by Golang net/mail.ParseAddress + - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. + - ipv4: an IPv4 IP as parsed by Golang net.ParseIP + - ipv6: an IPv6 IP as parsed by Golang net.ParseIP + - cidr: a CIDR as parsed by Golang net.ParseCIDR + - mac: a MAC address as parsed by Golang net.ParseMAC + - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" + - isbn10: an ISBN10 number string like "0321751043" + - isbn13: an ISBN13 number string like "978-0321751041" + - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in + - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$ + - hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ + - rgbcolor: an RGB color code like rgb like "rgb(255,255,255)" + - byte: base64 encoded binary data + - password: any kind of string + - date: a date string like "2006-01-02" as defined by full-date in RFC3339 + - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format + - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339. + type: string + id: + type: string + maxItems: + format: int64 + type: integer + maxLength: + format: int64 + type: integer + maxProperties: + format: int64 + type: integer + maximum: + description: A Number represents a JSON + number literal. + type: string + minItems: + format: int64 + type: integer + minLength: + format: int64 + type: integer + minProperties: + format: int64 + type: integer + minimum: + description: A Number represents a JSON + number literal. + type: string + multipleOf: + description: A Number represents a JSON + number literal. + type: string + nullable: + type: boolean + pattern: + type: string + title: + type: string + type: + type: string + uniqueItems: + type: boolean + x-descriptors: + description: XDescriptors is a list of + extended properties that trigger a custom + behavior in external systems + items: + type: string + type: array + type: object + type: object + required: + items: + type: string + type: array + title: + type: string + type: + type: string + type: object + scheme: + description: the data type component scheme + type: string + type: object + description: one to many data type specifications + type: object + type: object + description: data specification types for the events consumed/produced + by the Kamelet + type: object + definition: + description: defines the formal configuration of the Kamelet + properties: + $schema: + description: JSONSchemaURL represents a schema url. + type: string + description: + type: string + example: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + externalDocs: + description: ExternalDocumentation allows referencing an + external resource for extended documentation. + properties: + description: + type: string + url: + type: string + type: object + id: + type: string + properties: + additionalProperties: + properties: + default: + description: default is a default value for undefined + object fields. + x-kubernetes-preserve-unknown-fields: true + deprecated: + type: boolean + description: + type: string + enum: + items: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + type: array + example: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + exclusiveMaximum: + type: boolean + exclusiveMinimum: + type: boolean + format: + description: |- + format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: + + + - bsonobjectid: a bson object ID, i.e. a 24 characters hex string + - uri: an URI as parsed by Golang net/url.ParseRequestURI + - email: an email address as parsed by Golang net/mail.ParseAddress + - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. + - ipv4: an IPv4 IP as parsed by Golang net.ParseIP + - ipv6: an IPv6 IP as parsed by Golang net.ParseIP + - cidr: a CIDR as parsed by Golang net.ParseCIDR + - mac: a MAC address as parsed by Golang net.ParseMAC + - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" + - isbn10: an ISBN10 number string like "0321751043" + - isbn13: an ISBN13 number string like "978-0321751041" + - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in + - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$ + - hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ + - rgbcolor: an RGB color code like rgb like "rgb(255,255,255)" + - byte: base64 encoded binary data + - password: any kind of string + - date: a date string like "2006-01-02" as defined by full-date in RFC3339 + - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format + - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339. + type: string + id: + type: string + maxItems: + format: int64 + type: integer + maxLength: + format: int64 + type: integer + maxProperties: + format: int64 + type: integer + maximum: + description: A Number represents a JSON number literal. + type: string + minItems: + format: int64 + type: integer + minLength: + format: int64 + type: integer + minProperties: + format: int64 + type: integer + minimum: + description: A Number represents a JSON number literal. + type: string + multipleOf: + description: A Number represents a JSON number literal. + type: string + nullable: + type: boolean + pattern: + type: string + title: + type: string + type: + type: string + uniqueItems: + type: boolean + x-descriptors: + description: XDescriptors is a list of extended properties + that trigger a custom behavior in external systems + items: + type: string + type: array + type: object + type: object + required: + items: + type: string + type: array + title: + type: string + type: + type: string + type: object + dependencies: + description: Camel dependencies needed by the Kamelet + items: + type: string + type: array + sources: + description: sources in any Camel DSL supported + items: + description: SourceSpec defines the configuration for one + or more routes to be executed in a certain Camel DSL language. + properties: + compression: + description: if the content is compressed (base64 encrypted) + type: boolean + content: + description: the source code (plain text) + type: string + contentKey: + description: the confimap key holding the source content + type: string + contentRef: + description: the confimap reference holding the source + content + type: string + contentType: + description: the content type (tipically text or binary) + type: string + from-kamelet: + description: True if the spec is generated from a Kamelet + type: boolean + interceptors: + description: |- + Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader + uses to pre/post process sources + Deprecated: no longer in use. + items: + type: string + type: array + language: + description: specify which is the language (Camel DSL) + used to interpret this source code + type: string + loader: + description: |- + Loader is an optional id of the org.apache.camel.k.RoutesLoader that will + interpret this source at runtime + type: string + name: + description: the name of the specification + type: string + path: + description: the path where the file is stored + type: string + property-names: + description: List of property names defined in the source + (e.g. if type is "template") + items: + type: string + type: array + rawContent: + description: the source code (binary) + format: byte + type: string + type: + description: Type defines the kind of source described + by this object + type: string + type: object + type: array + template: + description: the main source in YAML DSL + type: object + x-kubernetes-preserve-unknown-fields: true + types: + additionalProperties: + description: |- + EventTypeSpec represents a specification for an event type. + Deprecated: In favor of using DataTypeSpec. + properties: + mediaType: + description: media type as expected for HTTP media types + (ie, application/json) + type: string + schema: + description: the expected schema for the event + properties: + $schema: + description: JSONSchemaURL represents a schema url. + type: string + description: + type: string + example: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + externalDocs: + description: ExternalDocumentation allows referencing + an external resource for extended documentation. + properties: + description: + type: string + url: + type: string + type: object + id: + type: string + properties: + additionalProperties: + properties: + default: + description: default is a default value for + undefined object fields. + x-kubernetes-preserve-unknown-fields: true + deprecated: + type: boolean + description: + type: string + enum: + items: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + type: array + example: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + exclusiveMaximum: + type: boolean + exclusiveMinimum: + type: boolean + format: + description: |- + format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: + + + - bsonobjectid: a bson object ID, i.e. a 24 characters hex string + - uri: an URI as parsed by Golang net/url.ParseRequestURI + - email: an email address as parsed by Golang net/mail.ParseAddress + - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. + - ipv4: an IPv4 IP as parsed by Golang net.ParseIP + - ipv6: an IPv6 IP as parsed by Golang net.ParseIP + - cidr: a CIDR as parsed by Golang net.ParseCIDR + - mac: a MAC address as parsed by Golang net.ParseMAC + - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" + - isbn10: an ISBN10 number string like "0321751043" + - isbn13: an ISBN13 number string like "978-0321751041" + - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in + - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$ + - hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ + - rgbcolor: an RGB color code like rgb like "rgb(255,255,255)" + - byte: base64 encoded binary data + - password: any kind of string + - date: a date string like "2006-01-02" as defined by full-date in RFC3339 + - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format + - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339. + type: string + id: + type: string + maxItems: + format: int64 + type: integer + maxLength: + format: int64 + type: integer + maxProperties: + format: int64 + type: integer + maximum: + description: A Number represents a JSON number + literal. + type: string + minItems: + format: int64 + type: integer + minLength: + format: int64 + type: integer + minProperties: + format: int64 + type: integer + minimum: + description: A Number represents a JSON number + literal. + type: string + multipleOf: + description: A Number represents a JSON number + literal. + type: string + nullable: + type: boolean + pattern: + type: string + title: + type: string + type: + type: string + uniqueItems: + type: boolean + x-descriptors: + description: XDescriptors is a list of extended + properties that trigger a custom behavior + in external systems + items: + type: string + type: array + type: object + type: object + required: + items: + type: string + type: array + title: + type: string + type: + type: string + type: object + type: object + description: |- + data specification types for the events consumed/produced by the Kamelet + Deprecated: In favor of using DataTypes + type: object + type: object + description: |- + the optional versions available for this Kamelet. This field may not be taken in account by Camel core and is meant to support + any user defined versioning model on cluster only. If the user wants to use any given version, she must materialize a file with the given version spec + as the `main` Kamelet spec on the runtime. + type: object + type: object + status: + default: + phase: Ready + description: |- + the actual status of the resource + Deprecated no longer in use + properties: + conditions: + description: Conditions -- + items: + description: KameletCondition describes the state of a resource + at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + lastUpdateTime: + description: The last time this condition was updated. + format: date-time + type: string + message: + description: A human-readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of kamelet condition. + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + description: ObservedGeneration is the most recent generation observed + for this Kamelet. + format: int64 + type: integer + phase: + description: Phase -- + type: string + properties: + description: Properties -- + items: + description: KameletProperty specify the behavior of a property + in a Kamelet. + properties: + default: + description: the default value of the property (if any) + type: string + name: + description: the name of the property + type: string + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} + - additionalPrinterColumns: + - description: The Kamelet phase + jsonPath: .status.phase + name: Phase + type: string + deprecated: true + deprecationWarning: v1apha1.Kamelet is deprecated, please, use v1.Kamelet instead + name: v1alpha1 + schema: + openAPIV3Schema: + description: Kamelet is the Schema for the kamelets API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: the desired specification. + properties: + dataTypes: + additionalProperties: + description: DataTypesSpec represents the specification for a set + of data types. + properties: + default: + description: the default data type for this Kamelet + type: string + headers: + additionalProperties: + description: HeaderSpec represents the specification for a + header used in the Kamelet. + properties: + default: + type: string + description: + type: string + required: + type: boolean + title: + type: string + type: + type: string + type: object + description: one to many header specifications + type: object + types: + additionalProperties: + description: DataTypeSpec represents the specification for + a data type. + properties: + dependencies: + description: the list of Camel or Maven dependencies required + by the data type + items: + type: string + type: array + description: + description: optional description + type: string + format: + description: the data type format name + type: string + headers: + additionalProperties: + description: HeaderSpec represents the specification + for a header used in the Kamelet. + properties: + default: + type: string + description: + type: string + required: + type: boolean + title: + type: string + type: + type: string + type: object + description: one to many header specifications + type: object + mediaType: + description: media type as expected for HTTP media types + (ie, application/json) + type: string + schema: + description: the expected schema for the data type + properties: + $schema: + description: JSONSchemaURL represents a schema url. + type: string + description: + type: string + example: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + externalDocs: + description: ExternalDocumentation allows referencing + an external resource for extended documentation. + properties: + description: + type: string + url: + type: string + type: object + id: + type: string + properties: + additionalProperties: + properties: + default: + description: default is a default value for + undefined object fields. + x-kubernetes-preserve-unknown-fields: true + deprecated: + type: boolean + description: + type: string + enum: + items: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + type: array + example: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + exclusiveMaximum: + type: boolean + exclusiveMinimum: + type: boolean + format: + description: |- + format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: + + + - bsonobjectid: a bson object ID, i.e. a 24 characters hex string + - uri: an URI as parsed by Golang net/url.ParseRequestURI + - email: an email address as parsed by Golang net/mail.ParseAddress + - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. + - ipv4: an IPv4 IP as parsed by Golang net.ParseIP + - ipv6: an IPv6 IP as parsed by Golang net.ParseIP + - cidr: a CIDR as parsed by Golang net.ParseCIDR + - mac: a MAC address as parsed by Golang net.ParseMAC + - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" + - isbn10: an ISBN10 number string like "0321751043" + - isbn13: an ISBN13 number string like "978-0321751041" + - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in + - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$ + - hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ + - rgbcolor: an RGB color code like rgb like "rgb(255,255,255)" + - byte: base64 encoded binary data + - password: any kind of string + - date: a date string like "2006-01-02" as defined by full-date in RFC3339 + - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format + - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339. + type: string + id: + type: string + maxItems: + format: int64 + type: integer + maxLength: + format: int64 + type: integer + maxProperties: + format: int64 + type: integer + maximum: + description: A Number represents a JSON number + literal. + type: string + minItems: + format: int64 + type: integer + minLength: + format: int64 + type: integer + minProperties: + format: int64 + type: integer + minimum: + description: A Number represents a JSON number + literal. + type: string + multipleOf: + description: A Number represents a JSON number + literal. + type: string + nullable: + type: boolean + pattern: + type: string + title: + type: string + type: + type: string + uniqueItems: + type: boolean + x-descriptors: + description: XDescriptors is a list of extended + properties that trigger a custom behavior + in external systems + items: + type: string + type: array + type: object + type: object + required: + items: + type: string + type: array + title: + type: string + type: + type: string + type: object + scheme: + description: the data type component scheme + type: string + type: object + description: one to many data type specifications + type: object + type: object + description: data specification types for the events consumed/produced + by the Kamelet + type: object + definition: + description: defines the formal configuration of the Kamelet + properties: + $schema: + description: JSONSchemaURL represents a schema url. + type: string + description: + type: string + example: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + externalDocs: + description: ExternalDocumentation allows referencing an external + resource for extended documentation. + properties: + description: + type: string + url: + type: string + type: object + id: + type: string + properties: + additionalProperties: + properties: + default: + description: default is a default value for undefined object + fields. + x-kubernetes-preserve-unknown-fields: true + deprecated: + type: boolean + description: + type: string + enum: + items: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + type: array + example: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + exclusiveMaximum: + type: boolean + exclusiveMinimum: + type: boolean + format: + description: |- + format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: + + + - bsonobjectid: a bson object ID, i.e. a 24 characters hex string + - uri: an URI as parsed by Golang net/url.ParseRequestURI + - email: an email address as parsed by Golang net/mail.ParseAddress + - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. + - ipv4: an IPv4 IP as parsed by Golang net.ParseIP + - ipv6: an IPv6 IP as parsed by Golang net.ParseIP + - cidr: a CIDR as parsed by Golang net.ParseCIDR + - mac: a MAC address as parsed by Golang net.ParseMAC + - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" + - isbn10: an ISBN10 number string like "0321751043" + - isbn13: an ISBN13 number string like "978-0321751041" + - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in + - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$ + - hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ + - rgbcolor: an RGB color code like rgb like "rgb(255,255,255)" + - byte: base64 encoded binary data + - password: any kind of string + - date: a date string like "2006-01-02" as defined by full-date in RFC3339 + - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format + - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339. + type: string + id: + type: string + maxItems: + format: int64 + type: integer + maxLength: + format: int64 + type: integer + maxProperties: + format: int64 + type: integer + maximum: + description: A Number represents a JSON number literal. + type: string + minItems: + format: int64 + type: integer + minLength: + format: int64 + type: integer + minProperties: + format: int64 + type: integer + minimum: + description: A Number represents a JSON number literal. + type: string + multipleOf: + description: A Number represents a JSON number literal. + type: string + nullable: + type: boolean + pattern: + type: string + title: + type: string + type: + type: string + uniqueItems: + type: boolean + x-descriptors: + description: XDescriptors is a list of extended properties + that trigger a custom behavior in external systems + items: + type: string + type: array + type: object + type: object + required: + items: + type: string + type: array + title: + type: string + type: + type: string + type: object + dependencies: + description: Camel dependencies needed by the Kamelet + items: + type: string + type: array + sources: + description: sources in any Camel DSL supported + items: + description: SourceSpec defines the configuration for one or more + routes to be executed in a certain Camel DSL language. + properties: + compression: + description: if the content is compressed (base64 encrypted) + type: boolean + content: + description: the source code (plain text) + type: string + contentKey: + description: the confimap key holding the source content + type: string + contentRef: + description: the confimap reference holding the source content + type: string + contentType: + description: the content type (tipically text or binary) + type: string + from-kamelet: + description: True if the spec is generated from a Kamelet + type: boolean + interceptors: + description: |- + Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader + uses to pre/post process sources + Deprecated: no longer in use. + items: + type: string + type: array + language: + description: specify which is the language (Camel DSL) used + to interpret this source code + type: string + loader: + description: |- + Loader is an optional id of the org.apache.camel.k.RoutesLoader that will + interpret this source at runtime + type: string + name: + description: the name of the specification + type: string + path: + description: the path where the file is stored + type: string + property-names: + description: List of property names defined in the source (e.g. + if type is "template") + items: + type: string + type: array + rawContent: + description: the source code (binary) + format: byte + type: string + type: + description: Type defines the kind of source described by this + object + type: string + type: object + type: array + template: + description: the main source in YAML DSL + type: object + x-kubernetes-preserve-unknown-fields: true + types: + additionalProperties: + description: |- + EventTypeSpec represents a specification for an event type. + Deprecated: In favor of using DataTypeSpec. + properties: + mediaType: + description: media type as expected for HTTP media types (ie, + application/json) + type: string + schema: + description: the expected schema for the event + properties: + $schema: + description: JSONSchemaURL represents a schema url. + type: string + description: + type: string + example: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + externalDocs: + description: ExternalDocumentation allows referencing an + external resource for extended documentation. + properties: + description: + type: string + url: + type: string + type: object + id: + type: string + properties: + additionalProperties: + properties: + default: + description: default is a default value for undefined + object fields. + x-kubernetes-preserve-unknown-fields: true + deprecated: + type: boolean + description: + type: string + enum: + items: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + type: array + example: + description: |- + JSON represents any valid JSON value. + These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + x-kubernetes-preserve-unknown-fields: true + exclusiveMaximum: + type: boolean + exclusiveMinimum: + type: boolean + format: + description: |- + format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: + + + - bsonobjectid: a bson object ID, i.e. a 24 characters hex string + - uri: an URI as parsed by Golang net/url.ParseRequestURI + - email: an email address as parsed by Golang net/mail.ParseAddress + - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. + - ipv4: an IPv4 IP as parsed by Golang net.ParseIP + - ipv6: an IPv6 IP as parsed by Golang net.ParseIP + - cidr: a CIDR as parsed by Golang net.ParseCIDR + - mac: a MAC address as parsed by Golang net.ParseMAC + - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" + - isbn10: an ISBN10 number string like "0321751043" + - isbn13: an ISBN13 number string like "978-0321751041" + - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in + - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$ + - hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ + - rgbcolor: an RGB color code like rgb like "rgb(255,255,255)" + - byte: base64 encoded binary data + - password: any kind of string + - date: a date string like "2006-01-02" as defined by full-date in RFC3339 + - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format + - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339. + type: string + id: + type: string + maxItems: + format: int64 + type: integer + maxLength: + format: int64 + type: integer + maxProperties: + format: int64 + type: integer + maximum: + description: A Number represents a JSON number literal. + type: string + minItems: + format: int64 + type: integer + minLength: + format: int64 + type: integer + minProperties: + format: int64 + type: integer + minimum: + description: A Number represents a JSON number literal. + type: string + multipleOf: + description: A Number represents a JSON number literal. + type: string + nullable: + type: boolean + pattern: + type: string + title: + type: string + type: + type: string + uniqueItems: + type: boolean + x-descriptors: + description: XDescriptors is a list of extended properties + that trigger a custom behavior in external systems + items: + type: string + type: array + type: object + type: object + required: + items: + type: string + type: array + title: + type: string + type: + type: string + type: object + type: object + description: |- + data specification types for the events consumed/produced by the Kamelet + Deprecated: In favor of using DataTypes + type: object + type: object + status: + description: the actual status of the resource. + properties: + conditions: + description: Conditions -- + items: + description: KameletCondition describes the state of a resource + at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + lastUpdateTime: + description: The last time this condition was updated. + format: date-time + type: string + message: + description: A human-readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of kamelet condition. + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + description: ObservedGeneration is the most recent generation observed + for this Kamelet. + format: int64 + type: integer + phase: + description: Phase -- + type: string + properties: + description: Properties -- + items: + description: KameletProperty specify the behavior of a property + in a Kamelet. + properties: + default: + description: the default value of the property (if any) + type: string + name: + description: the name of the property + type: string + type: object + type: array + type: object + type: object + served: true + storage: false + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/camel-k/2.5.0/manifests/pipes.camel.apache.org.crd.yaml b/operators/camel-k/2.5.0/manifests/pipes.camel.apache.org.crd.yaml new file mode 100644 index 00000000000..46f86be3f8c --- /dev/null +++ b/operators/camel-k/2.5.0/manifests/pipes.camel.apache.org.crd.yaml @@ -0,0 +1,8513 @@ +# --------------------------------------------------------------------------- +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# --------------------------------------------------------------------------- + +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + creationTimestamp: null + labels: + app: camel-k + name: pipes.camel.apache.org +spec: + group: camel.apache.org + names: + categories: + - kamel + - camel + kind: Pipe + listKind: PipeList + plural: pipes + shortNames: + - pp + singular: pipe + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The Pipe phase + jsonPath: .status.phase + name: Phase + type: string + - description: The number of pods + jsonPath: .status.replicas + name: Replicas + type: integer + name: v1 + schema: + openAPIV3Schema: + description: Pipe is the Schema for the Pipe API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: the specification of a Pipe + properties: + errorHandler: + description: ErrorHandler is an optional handler called upon an error + occurring in the integration + type: object + x-kubernetes-preserve-unknown-fields: true + integration: + description: |- + Integration is an optional integration used to specify custom parameters + Deprecated don't use this. Use trait annotations if you need to change any cluster configuration. + properties: + configuration: + description: |- + Deprecated: + Use camel trait (camel.properties) to manage properties + Use mount trait (mount.configs) to manage configs + Use mount trait (mount.resources) to manage resources + Use mount trait (mount.volumes) to manage volumes + items: + description: ConfigurationSpec represents a generic configuration + specification. + properties: + type: + description: 'represents the type of configuration, ie: + property, configmap, secret, ...' + type: string + value: + description: the value to assign to the configuration (syntax + may vary depending on the `Type`) + type: string + required: + - type + - value + type: object + type: array + dependencies: + description: the list of Camel or Maven dependencies required + by the Integration + items: + type: string + type: array + flows: + description: a source in YAML DSL language which contain the routes + to run + items: + description: Flow is an unstructured object representing a Camel + Flow in YAML/JSON DSL. + type: object + x-kubernetes-preserve-unknown-fields: true + type: array + integrationKit: + description: the reference of the `IntegrationKit` which is used + for this Integration + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + profile: + description: the profile needed to run this Integration + type: string + replicas: + description: the number of `Pods` needed for the running Integration + format: int32 + type: integer + repositories: + description: additional Maven repositories to be used + items: + type: string + type: array + serviceAccountName: + description: custom SA to use for the Integration + type: string + sources: + description: the sources which contain the Camel routes to run + items: + description: SourceSpec defines the configuration for one or + more routes to be executed in a certain Camel DSL language. + properties: + compression: + description: if the content is compressed (base64 encrypted) + type: boolean + content: + description: the source code (plain text) + type: string + contentKey: + description: the confimap key holding the source content + type: string + contentRef: + description: the confimap reference holding the source content + type: string + contentType: + description: the content type (tipically text or binary) + type: string + from-kamelet: + description: True if the spec is generated from a Kamelet + type: boolean + interceptors: + description: |- + Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader + uses to pre/post process sources + Deprecated: no longer in use. + items: + type: string + type: array + language: + description: specify which is the language (Camel DSL) used + to interpret this source code + type: string + loader: + description: |- + Loader is an optional id of the org.apache.camel.k.RoutesLoader that will + interpret this source at runtime + type: string + name: + description: the name of the specification + type: string + path: + description: the path where the file is stored + type: string + property-names: + description: List of property names defined in the source + (e.g. if type is "template") + items: + type: string + type: array + rawContent: + description: the source code (binary) + format: byte + type: string + type: + description: Type defines the kind of source described by + this object + type: string + type: object + type: array + template: + description: Pod template customization + properties: + spec: + description: the specification + properties: + activeDeadlineSeconds: + description: ActiveDeadlineSeconds + format: int64 + type: integer + automountServiceAccountToken: + description: AutomountServiceAccountToken + type: boolean + containers: + description: Containers + items: + description: A single application container that you + want to run within a pod. + properties: + args: + description: |- + Arguments to the entrypoint. + The container image's CMD is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + items: + type: string + type: array + command: + description: |- + Entrypoint array. Not executed within a shell. + The container image's ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + items: + type: string + type: array + env: + description: |- + List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment + variable present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to + select in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to + select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret + in the pod's namespace + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: |- + List of sources to populate environment variables in the container. + The keys defined within a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will take precedence. + Cannot be updated. + items: + description: EnvFromSource represents the source + of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend + to each key in the ConfigMap. Must be a + C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: |- + Container image name. + More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management to default or override + container images in workload controllers like Deployments and StatefulSets. + type: string + imagePullPolicy: + description: |- + Image pull policy. + One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images + type: string + lifecycle: + description: |- + Actions that the management system should take in response to container lifecycle events. + Cannot be updated. + properties: + postStart: + description: |- + PostStart is called immediately after a container is created. If the handler fails, + the container is terminated and restarted according to its restart policy. + Other management of the container blocks until the hook completes. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + properties: + exec: + description: Exec specifies the action to + take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http + request to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + sleep: + description: Sleep represents the duration + that the container should sleep before + being terminated. + properties: + seconds: + description: Seconds is the number of + seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to + connect to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: |- + PreStop is called immediately before a container is terminated due to an + API request or management event such as liveness/startup probe failure, + preemption, resource contention, etc. The handler is not called if the + container crashes or exits. The Pod's termination grace period countdown begins before the + PreStop hook is executed. Regardless of the outcome of the handler, the + container will eventually terminate within the Pod's termination grace + period (unless delayed by finalizers). Other management of the container blocks until the hook completes + or until the termination grace period is reached. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + properties: + exec: + description: Exec specifies the action to + take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http + request to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + sleep: + description: Sleep represents the duration + that the container should sleep before + being terminated. + properties: + seconds: + description: Seconds is the number of + seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to + connect to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: |- + Periodic probe of container liveness. + Container will be restarted if the probe fails. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object + name: + description: |- + Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: |- + List of ports to expose from the container. Not specifying a port here + DOES NOT prevent that port from being exposed. Any port which is + listening on the default "0.0.0.0" address inside a container will be + accessible from the network. + Modifying this array with strategic merge patch may corrupt the data. + For more information See https://github.com/kubernetes/kubernetes/issues/108255. + Cannot be updated. + items: + description: ContainerPort represents a network + port in a single container. + properties: + containerPort: + description: |- + Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external + port to. + type: string + hostPort: + description: |- + Number of port to expose on the host. + If specified, this must be a valid port number, 0 < x < 65536. + If HostNetwork is specified, this must match ContainerPort. + Most containers do not need this. + format: int32 + type: integer + name: + description: |- + If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + named port in a pod must have a unique name. Name for the port that can be + referred to by services. + type: string + protocol: + default: TCP + description: |- + Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: |- + Periodic probe of container service readiness. + Container will be removed from service endpoints if the probe fails. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object + resizePolicy: + description: Resources resize policy for the container. + items: + description: ContainerResizePolicy represents + resource resize policy for the container. + properties: + resourceName: + description: |- + Name of the resource to which this resource resize policy applies. + Supported values: cpu, memory. + type: string + restartPolicy: + description: |- + Restart policy to apply when specified resource is resized. + If not specified, it defaults to NotRequired. + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + description: |- + Compute Resources required by this container. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one + entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + restartPolicy: + description: |- + RestartPolicy defines the restart behavior of individual containers in a pod. + This field may only be set for init containers, and the only allowed value is "Always". + For non-init containers or when this field is not specified, + the restart behavior is defined by the Pod's restart policy and the container type. + Setting the RestartPolicy as "Always" for the init container will have the following effect: + this init container will be continually restarted on + exit until all regular containers have terminated. Once all regular + containers have completed, all init containers with restartPolicy "Always" + will be shut down. This lifecycle differs from normal init containers and + is often referred to as a "sidecar" container. Although this init + container still starts in the init container sequence, it does not wait + for the container to complete before proceeding to the next init + container. Instead, the next init container starts immediately after this + init container is started, or after any startupProbe has successfully + completed. + type: string + securityContext: + description: |- + SecurityContext defines the security options the container should be run with. + If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + properties: + allowPrivilegeEscalation: + description: |- + AllowPrivilegeEscalation controls whether a process can gain more + privileges than its parent process. This bool directly controls if + the no_new_privs flag will be set on the container process. + AllowPrivilegeEscalation is true always when the container is: + 1) run as Privileged + 2) has CAP_SYS_ADMIN + Note that this field cannot be set when spec.os.name is windows. + type: boolean + capabilities: + description: |- + The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by the container runtime. + Note that this field cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX + capabilities type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX + capabilities type + type: string + type: array + type: object + privileged: + description: |- + Run container in privileged mode. + Processes in privileged containers are essentially equivalent to root on the host. + Defaults to false. + Note that this field cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: |- + procMount denotes the type of proc mount to use for the containers. + The default is DefaultProcMount which uses the container runtime defaults for + readonly paths and masked paths. + This requires the ProcMountType feature flag to be enabled. + Note that this field cannot be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: |- + Whether this container has a read-only root filesystem. + Default is false. + Note that this field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: |- + The GID to run the entrypoint of the container process. + Uses runtime default if unset. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: |- + Indicates that the container must run as a non-root user. + If true, the Kubelet will validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start the container if it does. + If unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: |- + The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: |- + The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level label + that applies to the container. + type: string + role: + description: Role is a SELinux role label + that applies to the container. + type: string + type: + description: Type is a SELinux type label + that applies to the container. + type: string + user: + description: User is a SELinux user label + that applies to the container. + type: string + type: object + seccompProfile: + description: |- + The seccomp options to use by this container. If seccomp options are + provided at both the pod & container level, the container options + override the pod options. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile defined in a file on the node should be used. + The profile must be preconfigured on the node to work. + Must be a descending path, relative to the kubelet's configured seccomp profile location. + Must be set if type is "Localhost". Must NOT be set for any other type. + type: string + type: + description: |- + type indicates which kind of seccomp profile will be applied. + Valid options are: + + + Localhost - a profile defined in a file on the node should be used. + RuntimeDefault - the container runtime default profile should be used. + Unconfined - no profile should be applied. + type: string + required: + - type + type: object + windowsOptions: + description: |- + The Windows specific settings applied to all containers. + If unspecified, the options from the PodSecurityContext will be used. + If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: |- + GMSACredentialSpec is where the GMSA admission webhook + (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + GMSA credential spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the + name of the GMSA credential spec to use. + type: string + hostProcess: + description: |- + HostProcess determines if a container should be run as a 'Host Process' container. + All of a Pod's containers must have the same effective HostProcess value + (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + In addition, if HostProcess is true then HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: |- + The UserName in Windows to run the entrypoint of the container process. + Defaults to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + type: string + type: object + type: object + startupProbe: + description: |- + StartupProbe indicates that the Pod has successfully initialized. + If specified, no other probes are executed until this completes successfully. + If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + when it might take a long time to load data or warm a cache, than during steady-state operation. + This cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object + stdin: + description: |- + Whether this container should allocate a buffer for stdin in the container runtime. If this + is not set, reads from stdin in the container will always result in EOF. + Default is false. + type: boolean + stdinOnce: + description: |- + Whether the container runtime should close the stdin channel after it has been opened by + a single attach. When stdin is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + first client attaches to stdin, and then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container is restarted. If this + flag is false, a container processes that reads from stdin will never receive an EOF. + Default is false + type: boolean + terminationMessagePath: + description: |- + Optional: Path at which the file to which the container's termination message + will be written is mounted into the container's filesystem. + Message written is intended to be brief final status, such as an assertion failure message. + Will be truncated by the node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. + Defaults to /dev/termination-log. + Cannot be updated. + type: string + terminationMessagePolicy: + description: |- + Indicate how the termination message should be populated. File will use the contents of + terminationMessagePath to populate the container status message on both success and failure. + FallbackToLogsOnError will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + Defaults to File. + Cannot be updated. + type: string + tty: + description: |- + Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block + devices to be used by the container. + items: + description: volumeDevice describes a mapping + of a raw block device within a container. + properties: + devicePath: + description: devicePath is the path inside + of the container that the device will be + mapped to. + type: string + name: + description: name must match the name of a + persistentVolumeClaim in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: |- + Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting + of a Volume within a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + type: string + name: + description: This must match the Name of a + Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: |- + Container's working directory. + If not specified, the container runtime's default will be used, which + might be configured in the container image. + Cannot be updated. + type: string + required: + - name + type: object + type: array + dnsPolicy: + description: DNSPolicy + type: string + ephemeralContainers: + description: EphemeralContainers + items: + description: |- + An EphemeralContainer is a temporary container that you may add to an existing Pod for + user-initiated activities such as debugging. Ephemeral containers have no resource or + scheduling guarantees, and they will not be restarted when they exit or when a Pod is + removed or restarted. The kubelet may evict a Pod if an ephemeral container causes the + Pod to exceed its resource allocation. + + + To add an ephemeral container, use the ephemeralcontainers subresource of an existing + Pod. Ephemeral containers may not be removed or restarted. + properties: + args: + description: |- + Arguments to the entrypoint. + The image's CMD is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + items: + type: string + type: array + command: + description: |- + Entrypoint array. Not executed within a shell. + The image's ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + items: + type: string + type: array + env: + description: |- + List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment + variable present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to + select in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to + select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret + in the pod's namespace + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: |- + List of sources to populate environment variables in the container. + The keys defined within a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will take precedence. + Cannot be updated. + items: + description: EnvFromSource represents the source + of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend + to each key in the ConfigMap. Must be a + C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: |- + Container image name. + More info: https://kubernetes.io/docs/concepts/containers/images + type: string + imagePullPolicy: + description: |- + Image pull policy. + One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images + type: string + lifecycle: + description: Lifecycle is not allowed for ephemeral + containers. + properties: + postStart: + description: |- + PostStart is called immediately after a container is created. If the handler fails, + the container is terminated and restarted according to its restart policy. + Other management of the container blocks until the hook completes. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + properties: + exec: + description: Exec specifies the action to + take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http + request to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + sleep: + description: Sleep represents the duration + that the container should sleep before + being terminated. + properties: + seconds: + description: Seconds is the number of + seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to + connect to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: |- + PreStop is called immediately before a container is terminated due to an + API request or management event such as liveness/startup probe failure, + preemption, resource contention, etc. The handler is not called if the + container crashes or exits. The Pod's termination grace period countdown begins before the + PreStop hook is executed. Regardless of the outcome of the handler, the + container will eventually terminate within the Pod's termination grace + period (unless delayed by finalizers). Other management of the container blocks until the hook completes + or until the termination grace period is reached. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + properties: + exec: + description: Exec specifies the action to + take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http + request to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + sleep: + description: Sleep represents the duration + that the container should sleep before + being terminated. + properties: + seconds: + description: Seconds is the number of + seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to + connect to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: Probes are not allowed for ephemeral + containers. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object + name: + description: |- + Name of the ephemeral container specified as a DNS_LABEL. + This name must be unique among all containers, init containers and ephemeral containers. + type: string + ports: + description: Ports are not allowed for ephemeral + containers. + items: + description: ContainerPort represents a network + port in a single container. + properties: + containerPort: + description: |- + Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external + port to. + type: string + hostPort: + description: |- + Number of port to expose on the host. + If specified, this must be a valid port number, 0 < x < 65536. + If HostNetwork is specified, this must match ContainerPort. + Most containers do not need this. + format: int32 + type: integer + name: + description: |- + If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + named port in a pod must have a unique name. Name for the port that can be + referred to by services. + type: string + protocol: + default: TCP + description: |- + Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: Probes are not allowed for ephemeral + containers. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object + resizePolicy: + description: Resources resize policy for the container. + items: + description: ContainerResizePolicy represents + resource resize policy for the container. + properties: + resourceName: + description: |- + Name of the resource to which this resource resize policy applies. + Supported values: cpu, memory. + type: string + restartPolicy: + description: |- + Restart policy to apply when specified resource is resized. + If not specified, it defaults to NotRequired. + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + description: |- + Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources + already allocated to the pod. + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one + entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + restartPolicy: + description: |- + Restart policy for the container to manage the restart behavior of each + container within a pod. + This may only be set for init containers. You cannot set this field on + ephemeral containers. + type: string + securityContext: + description: |- + Optional: SecurityContext defines the security options the ephemeral container should be run with. + If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + properties: + allowPrivilegeEscalation: + description: |- + AllowPrivilegeEscalation controls whether a process can gain more + privileges than its parent process. This bool directly controls if + the no_new_privs flag will be set on the container process. + AllowPrivilegeEscalation is true always when the container is: + 1) run as Privileged + 2) has CAP_SYS_ADMIN + Note that this field cannot be set when spec.os.name is windows. + type: boolean + capabilities: + description: |- + The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by the container runtime. + Note that this field cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX + capabilities type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX + capabilities type + type: string + type: array + type: object + privileged: + description: |- + Run container in privileged mode. + Processes in privileged containers are essentially equivalent to root on the host. + Defaults to false. + Note that this field cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: |- + procMount denotes the type of proc mount to use for the containers. + The default is DefaultProcMount which uses the container runtime defaults for + readonly paths and masked paths. + This requires the ProcMountType feature flag to be enabled. + Note that this field cannot be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: |- + Whether this container has a read-only root filesystem. + Default is false. + Note that this field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: |- + The GID to run the entrypoint of the container process. + Uses runtime default if unset. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: |- + Indicates that the container must run as a non-root user. + If true, the Kubelet will validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start the container if it does. + If unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: |- + The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: |- + The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level label + that applies to the container. + type: string + role: + description: Role is a SELinux role label + that applies to the container. + type: string + type: + description: Type is a SELinux type label + that applies to the container. + type: string + user: + description: User is a SELinux user label + that applies to the container. + type: string + type: object + seccompProfile: + description: |- + The seccomp options to use by this container. If seccomp options are + provided at both the pod & container level, the container options + override the pod options. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile defined in a file on the node should be used. + The profile must be preconfigured on the node to work. + Must be a descending path, relative to the kubelet's configured seccomp profile location. + Must be set if type is "Localhost". Must NOT be set for any other type. + type: string + type: + description: |- + type indicates which kind of seccomp profile will be applied. + Valid options are: + + + Localhost - a profile defined in a file on the node should be used. + RuntimeDefault - the container runtime default profile should be used. + Unconfined - no profile should be applied. + type: string + required: + - type + type: object + windowsOptions: + description: |- + The Windows specific settings applied to all containers. + If unspecified, the options from the PodSecurityContext will be used. + If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: |- + GMSACredentialSpec is where the GMSA admission webhook + (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + GMSA credential spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the + name of the GMSA credential spec to use. + type: string + hostProcess: + description: |- + HostProcess determines if a container should be run as a 'Host Process' container. + All of a Pod's containers must have the same effective HostProcess value + (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + In addition, if HostProcess is true then HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: |- + The UserName in Windows to run the entrypoint of the container process. + Defaults to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + type: string + type: object + type: object + startupProbe: + description: Probes are not allowed for ephemeral + containers. + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object + stdin: + description: |- + Whether this container should allocate a buffer for stdin in the container runtime. If this + is not set, reads from stdin in the container will always result in EOF. + Default is false. + type: boolean + stdinOnce: + description: |- + Whether the container runtime should close the stdin channel after it has been opened by + a single attach. When stdin is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + first client attaches to stdin, and then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container is restarted. If this + flag is false, a container processes that reads from stdin will never receive an EOF. + Default is false + type: boolean + targetContainerName: + description: |- + If set, the name of the container from PodSpec that this ephemeral container targets. + The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container. + If not set then the ephemeral container uses the namespaces configured in the Pod spec. + + + The container runtime must implement support for this feature. If the runtime does not + support namespace targeting then the result of setting this field is undefined. + type: string + terminationMessagePath: + description: |- + Optional: Path at which the file to which the container's termination message + will be written is mounted into the container's filesystem. + Message written is intended to be brief final status, such as an assertion failure message. + Will be truncated by the node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. + Defaults to /dev/termination-log. + Cannot be updated. + type: string + terminationMessagePolicy: + description: |- + Indicate how the termination message should be populated. File will use the contents of + terminationMessagePath to populate the container status message on both success and failure. + FallbackToLogsOnError will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + Defaults to File. + Cannot be updated. + type: string + tty: + description: |- + Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block + devices to be used by the container. + items: + description: volumeDevice describes a mapping + of a raw block device within a container. + properties: + devicePath: + description: devicePath is the path inside + of the container that the device will be + mapped to. + type: string + name: + description: name must match the name of a + persistentVolumeClaim in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: |- + Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers. + Cannot be updated. + items: + description: VolumeMount describes a mounting + of a Volume within a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + type: string + name: + description: This must match the Name of a + Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: |- + Container's working directory. + If not specified, the container runtime's default will be used, which + might be configured in the container image. + Cannot be updated. + type: string + required: + - name + type: object + type: array + initContainers: + description: InitContainers + items: + description: A single application container that you + want to run within a pod. + properties: + args: + description: |- + Arguments to the entrypoint. + The container image's CMD is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + items: + type: string + type: array + command: + description: |- + Entrypoint array. Not executed within a shell. + The container image's ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container's environment. If a variable + cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will + produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless + of whether the variable exists or not. Cannot be updated. + More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell + items: + type: string + type: array + env: + description: |- + List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment + variable present in a Container. + properties: + name: + description: Name of the environment variable. + Must be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's + value. Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to + select in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to + select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret + in the pod's namespace + properties: + key: + description: The key of the secret + to select from. Must be a valid + secret key. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + envFrom: + description: |- + List of sources to populate environment variables in the container. + The keys defined within a source must be a C_IDENTIFIER. All invalid keys + will be reported as an event when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take precedence. + Values defined by an Env with a duplicate key will take precedence. + Cannot be updated. + items: + description: EnvFromSource represents the source + of a set of ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the ConfigMap + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + prefix: + description: An optional identifier to prepend + to each key in the ConfigMap. Must be a + C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: Specify whether the Secret + must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + type: object + type: array + image: + description: |- + Container image name. + More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management to default or override + container images in workload controllers like Deployments and StatefulSets. + type: string + imagePullPolicy: + description: |- + Image pull policy. + One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/containers/images#updating-images + type: string + lifecycle: + description: |- + Actions that the management system should take in response to container lifecycle events. + Cannot be updated. + properties: + postStart: + description: |- + PostStart is called immediately after a container is created. If the handler fails, + the container is terminated and restarted according to its restart policy. + Other management of the container blocks until the hook completes. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + properties: + exec: + description: Exec specifies the action to + take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http + request to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + sleep: + description: Sleep represents the duration + that the container should sleep before + being terminated. + properties: + seconds: + description: Seconds is the number of + seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to + connect to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: |- + PreStop is called immediately before a container is terminated due to an + API request or management event such as liveness/startup probe failure, + preemption, resource contention, etc. The handler is not called if the + container crashes or exits. The Pod's termination grace period countdown begins before the + PreStop hook is executed. Regardless of the outcome of the handler, the + container will eventually terminate within the Pod's termination grace + period (unless delayed by finalizers). Other management of the container blocks until the hook completes + or until the termination grace period is reached. + More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks + properties: + exec: + description: Exec specifies the action to + take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http + request to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in + the request. HTTP allows repeated + headers. + items: + description: HTTPHeader describes + a custom header to be used in HTTP + probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field + value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + sleep: + description: Sleep represents the duration + that the container should sleep before + being terminated. + properties: + seconds: + description: Seconds is the number of + seconds to sleep. + format: int64 + type: integer + required: + - seconds + type: object + tcpSocket: + description: |- + Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept + for the backward compatibility. There are no validation of this field and + lifecycle hooks will fail in runtime when tcp handler is specified. + properties: + host: + description: 'Optional: Host name to + connect to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: |- + Periodic probe of container liveness. + Container will be restarted if the probe fails. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object + name: + description: |- + Name of the container specified as a DNS_LABEL. + Each container in a pod must have a unique name (DNS_LABEL). + Cannot be updated. + type: string + ports: + description: |- + List of ports to expose from the container. Not specifying a port here + DOES NOT prevent that port from being exposed. Any port which is + listening on the default "0.0.0.0" address inside a container will be + accessible from the network. + Modifying this array with strategic merge patch may corrupt the data. + For more information See https://github.com/kubernetes/kubernetes/issues/108255. + Cannot be updated. + items: + description: ContainerPort represents a network + port in a single container. + properties: + containerPort: + description: |- + Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external + port to. + type: string + hostPort: + description: |- + Number of port to expose on the host. + If specified, this must be a valid port number, 0 < x < 65536. + If HostNetwork is specified, this must match ContainerPort. + Most containers do not need this. + format: int32 + type: integer + name: + description: |- + If specified, this must be an IANA_SVC_NAME and unique within the pod. Each + named port in a pod must have a unique name. Name for the port that can be + referred to by services. + type: string + protocol: + default: TCP + description: |- + Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + x-kubernetes-list-map-keys: + - containerPort + - protocol + x-kubernetes-list-type: map + readinessProbe: + description: |- + Periodic probe of container service readiness. + Container will be removed from service endpoints if the probe fails. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object + resizePolicy: + description: Resources resize policy for the container. + items: + description: ContainerResizePolicy represents + resource resize policy for the container. + properties: + resourceName: + description: |- + Name of the resource to which this resource resize policy applies. + Supported values: cpu, memory. + type: string + restartPolicy: + description: |- + Restart policy to apply when specified resource is resized. + If not specified, it defaults to NotRequired. + type: string + required: + - resourceName + - restartPolicy + type: object + type: array + x-kubernetes-list-type: atomic + resources: + description: |- + Compute Resources required by this container. + Cannot be updated. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one + entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + restartPolicy: + description: |- + RestartPolicy defines the restart behavior of individual containers in a pod. + This field may only be set for init containers, and the only allowed value is "Always". + For non-init containers or when this field is not specified, + the restart behavior is defined by the Pod's restart policy and the container type. + Setting the RestartPolicy as "Always" for the init container will have the following effect: + this init container will be continually restarted on + exit until all regular containers have terminated. Once all regular + containers have completed, all init containers with restartPolicy "Always" + will be shut down. This lifecycle differs from normal init containers and + is often referred to as a "sidecar" container. Although this init + container still starts in the init container sequence, it does not wait + for the container to complete before proceeding to the next init + container. Instead, the next init container starts immediately after this + init container is started, or after any startupProbe has successfully + completed. + type: string + securityContext: + description: |- + SecurityContext defines the security options the container should be run with. + If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. + More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + properties: + allowPrivilegeEscalation: + description: |- + AllowPrivilegeEscalation controls whether a process can gain more + privileges than its parent process. This bool directly controls if + the no_new_privs flag will be set on the container process. + AllowPrivilegeEscalation is true always when the container is: + 1) run as Privileged + 2) has CAP_SYS_ADMIN + Note that this field cannot be set when spec.os.name is windows. + type: boolean + capabilities: + description: |- + The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by the container runtime. + Note that this field cannot be set when spec.os.name is windows. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX + capabilities type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX + capabilities type + type: string + type: array + type: object + privileged: + description: |- + Run container in privileged mode. + Processes in privileged containers are essentially equivalent to root on the host. + Defaults to false. + Note that this field cannot be set when spec.os.name is windows. + type: boolean + procMount: + description: |- + procMount denotes the type of proc mount to use for the containers. + The default is DefaultProcMount which uses the container runtime defaults for + readonly paths and masked paths. + This requires the ProcMountType feature flag to be enabled. + Note that this field cannot be set when spec.os.name is windows. + type: string + readOnlyRootFilesystem: + description: |- + Whether this container has a read-only root filesystem. + Default is false. + Note that this field cannot be set when spec.os.name is windows. + type: boolean + runAsGroup: + description: |- + The GID to run the entrypoint of the container process. + Uses runtime default if unset. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: |- + Indicates that the container must run as a non-root user. + If true, the Kubelet will validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start the container if it does. + If unset or false, no such validation will be performed. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: |- + The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: |- + The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a random SELinux context for each + container. May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level label + that applies to the container. + type: string + role: + description: Role is a SELinux role label + that applies to the container. + type: string + type: + description: Type is a SELinux type label + that applies to the container. + type: string + user: + description: User is a SELinux user label + that applies to the container. + type: string + type: object + seccompProfile: + description: |- + The seccomp options to use by this container. If seccomp options are + provided at both the pod & container level, the container options + override the pod options. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile defined in a file on the node should be used. + The profile must be preconfigured on the node to work. + Must be a descending path, relative to the kubelet's configured seccomp profile location. + Must be set if type is "Localhost". Must NOT be set for any other type. + type: string + type: + description: |- + type indicates which kind of seccomp profile will be applied. + Valid options are: + + + Localhost - a profile defined in a file on the node should be used. + RuntimeDefault - the container runtime default profile should be used. + Unconfined - no profile should be applied. + type: string + required: + - type + type: object + windowsOptions: + description: |- + The Windows specific settings applied to all containers. + If unspecified, the options from the PodSecurityContext will be used. + If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: |- + GMSACredentialSpec is where the GMSA admission webhook + (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + GMSA credential spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the + name of the GMSA credential spec to use. + type: string + hostProcess: + description: |- + HostProcess determines if a container should be run as a 'Host Process' container. + All of a Pod's containers must have the same effective HostProcess value + (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + In addition, if HostProcess is true then HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: |- + The UserName in Windows to run the entrypoint of the container process. + Defaults to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + type: string + type: object + type: object + startupProbe: + description: |- + StartupProbe indicates that the Pod has successfully initialized. + If specified, no other probes are executed until this completes successfully. + If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. + This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, + when it might take a long time to load data or warm a cache, than during steady-state operation. + This cannot be updated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + properties: + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving + a GRPC port. + properties: + port: + description: Port number of the gRPC service. + Number must be in the range 1 to 65535. + format: int32 + type: integer + service: + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request + to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the + request. HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom + header to be used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP + server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving + a TCP port. + properties: + host: + description: 'Optional: Host name to connect + to, defaults to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + type: object + stdin: + description: |- + Whether this container should allocate a buffer for stdin in the container runtime. If this + is not set, reads from stdin in the container will always result in EOF. + Default is false. + type: boolean + stdinOnce: + description: |- + Whether the container runtime should close the stdin channel after it has been opened by + a single attach. When stdin is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the + first client attaches to stdin, and then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container is restarted. If this + flag is false, a container processes that reads from stdin will never receive an EOF. + Default is false + type: boolean + terminationMessagePath: + description: |- + Optional: Path at which the file to which the container's termination message + will be written is mounted into the container's filesystem. + Message written is intended to be brief final status, such as an assertion failure message. + Will be truncated by the node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. + Defaults to /dev/termination-log. + Cannot be updated. + type: string + terminationMessagePolicy: + description: |- + Indicate how the termination message should be populated. File will use the contents of + terminationMessagePath to populate the container status message on both success and failure. + FallbackToLogsOnError will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever is smaller. + Defaults to File. + Cannot be updated. + type: string + tty: + description: |- + Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. + Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block + devices to be used by the container. + items: + description: volumeDevice describes a mapping + of a raw block device within a container. + properties: + devicePath: + description: devicePath is the path inside + of the container that the device will be + mapped to. + type: string + name: + description: name must match the name of a + persistentVolumeClaim in the pod + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + description: |- + Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting + of a Volume within a container. + properties: + mountPath: + description: |- + Path within the container at which the volume should be mounted. Must + not contain ':'. + type: string + mountPropagation: + description: |- + mountPropagation determines how mounts are propagated from the host + to container and the other way around. + When not set, MountPropagationNone is used. + This field is beta in 1.10. + type: string + name: + description: This must match the Name of a + Volume. + type: string + readOnly: + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. + type: boolean + subPath: + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). + type: string + subPathExpr: + description: |- + Expanded path within the volume from which the container's volume should be mounted. + Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. + Defaults to "" (volume's root). + SubPathExpr and SubPath are mutually exclusive. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: |- + Container's working directory. + If not specified, the container runtime's default will be used, which + might be configured in the container image. + Cannot be updated. + type: string + required: + - name + type: object + type: array + nodeSelector: + additionalProperties: + type: string + description: NodeSelector + type: object + restartPolicy: + description: RestartPolicy + type: string + securityContext: + description: PodSecurityContext + properties: + fsGroup: + description: |- + A special supplemental group that applies to all containers in a pod. + Some volume types allow the Kubelet to change the ownership of that volume + to be owned by the pod: + + + 1. The owning GID will be the FSGroup + 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + 3. The permission bits are OR'd with rw-rw---- + + + If unset, the Kubelet will not modify the ownership and permissions of any volume. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + fsGroupChangePolicy: + description: |- + fsGroupChangePolicy defines behavior of changing ownership and permission of the volume + before being exposed inside Pod. This field will only apply to + volume types which support fsGroup based ownership(and permissions). + It will have no effect on ephemeral volume types such as: secret, configmaps + and emptydir. + Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. + Note that this field cannot be set when spec.os.name is windows. + type: string + runAsGroup: + description: |- + The GID to run the entrypoint of the container process. + Uses runtime default if unset. + May also be set in SecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence + for that container. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + runAsNonRoot: + description: |- + Indicates that the container must run as a non-root user. + If true, the Kubelet will validate the image at runtime to ensure that it + does not run as UID 0 (root) and fail to start the container if it does. + If unset or false, no such validation will be performed. + May also be set in SecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: |- + The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. + May also be set in SecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence + for that container. + Note that this field cannot be set when spec.os.name is windows. + format: int64 + type: integer + seLinuxOptions: + description: |- + The SELinux context to be applied to all containers. + If unspecified, the container runtime will allocate a random SELinux context for each + container. May also be set in SecurityContext. If set in + both SecurityContext and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + Note that this field cannot be set when spec.os.name is windows. + properties: + level: + description: Level is SELinux level label that + applies to the container. + type: string + role: + description: Role is a SELinux role label that + applies to the container. + type: string + type: + description: Type is a SELinux type label that + applies to the container. + type: string + user: + description: User is a SELinux user label that + applies to the container. + type: string + type: object + seccompProfile: + description: |- + The seccomp options to use by the containers in this pod. + Note that this field cannot be set when spec.os.name is windows. + properties: + localhostProfile: + description: |- + localhostProfile indicates a profile defined in a file on the node should be used. + The profile must be preconfigured on the node to work. + Must be a descending path, relative to the kubelet's configured seccomp profile location. + Must be set if type is "Localhost". Must NOT be set for any other type. + type: string + type: + description: |- + type indicates which kind of seccomp profile will be applied. + Valid options are: + + + Localhost - a profile defined in a file on the node should be used. + RuntimeDefault - the container runtime default profile should be used. + Unconfined - no profile should be applied. + type: string + required: + - type + type: object + supplementalGroups: + description: |- + A list of groups applied to the first process run in each container, in addition + to the container's primary GID, the fsGroup (if specified), and group memberships + defined in the container image for the uid of the container process. If unspecified, + no additional groups are added to any container. Note that group memberships + defined in the container image for the uid of the container process are still effective, + even if they are not included in this list. + Note that this field cannot be set when spec.os.name is windows. + items: + format: int64 + type: integer + type: array + sysctls: + description: |- + Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported + sysctls (by the container runtime) might fail to launch. + Note that this field cannot be set when spec.os.name is windows. + items: + description: Sysctl defines a kernel parameter to + be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: object + type: array + windowsOptions: + description: |- + The Windows specific settings applied to all containers. + If unspecified, the options within a container's SecurityContext will be used. + If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. + Note that this field cannot be set when spec.os.name is linux. + properties: + gmsaCredentialSpec: + description: |- + GMSACredentialSpec is where the GMSA admission webhook + (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the + GMSA credential spec named by the GMSACredentialSpecName field. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name + of the GMSA credential spec to use. + type: string + hostProcess: + description: |- + HostProcess determines if a container should be run as a 'Host Process' container. + All of a Pod's containers must have the same effective HostProcess value + (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). + In addition, if HostProcess is true then HostNetwork must also be set to true. + type: boolean + runAsUserName: + description: |- + The UserName in Windows to run the entrypoint of the container process. + Defaults to the user specified in image metadata if unspecified. + May also be set in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext takes precedence. + type: string + type: object + type: object + terminationGracePeriodSeconds: + description: TerminationGracePeriodSeconds + format: int64 + type: integer + topologySpreadConstraints: + description: TopologySpreadConstraints + items: + description: TopologySpreadConstraint specifies how + to spread matching pods among the given topology. + properties: + labelSelector: + description: |- + LabelSelector is used to find matching pods. + Pods that match this label selector are counted to determine the number of pods + in their corresponding topology domain. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + matchLabelKeys: + description: |- + MatchLabelKeys is a set of pod label keys to select the pods over which + spreading will be calculated. The keys are used to lookup values from the + incoming pod labels, those key-value labels are ANDed with labelSelector + to select the group of existing pods over which spreading will be calculated + for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + MatchLabelKeys cannot be set when LabelSelector isn't set. + Keys that don't exist in the incoming pod labels will + be ignored. A null or empty list means only match against labelSelector. + + + This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + description: |- + MaxSkew describes the degree to which pods may be unevenly distributed. + When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference + between the number of matching pods in the target topology and the global minimum. + The global minimum is the minimum number of matching pods in an eligible domain + or zero if the number of eligible domains is less than MinDomains. + For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + labelSelector spread as 2/2/1: + In this case, the global minimum is 1. + | zone1 | zone2 | zone3 | + | P P | P P | P | + - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; + scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) + violate MaxSkew(1). + - if MaxSkew is 2, incoming pod can be scheduled onto any zone. + When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence + to topologies that satisfy it. + It's a required field. Default value is 1 and 0 is not allowed. + format: int32 + type: integer + minDomains: + description: |- + MinDomains indicates a minimum number of eligible domains. + When the number of eligible domains with matching topology keys is less than minDomains, + Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. + And when the number of eligible domains with matching topology keys equals or greater than minDomains, + this value has no effect on scheduling. + As a result, when the number of eligible domains is less than minDomains, + scheduler won't schedule more than maxSkew Pods to those domains. + If value is nil, the constraint behaves as if MinDomains is equal to 1. + Valid values are integers greater than 0. + When value is not nil, WhenUnsatisfiable must be DoNotSchedule. + + + For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same + labelSelector spread as 2/2/2: + | zone1 | zone2 | zone3 | + | P P | P P | P P | + The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. + In this situation, new pod with the same labelSelector cannot be scheduled, + because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, + it will violate MaxSkew. + + + This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). + format: int32 + type: integer + nodeAffinityPolicy: + description: |- + NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector + when calculating pod topology spread skew. Options are: + - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. + - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. + + + If this value is nil, the behavior is equivalent to the Honor policy. + This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + type: string + nodeTaintsPolicy: + description: |- + NodeTaintsPolicy indicates how we will treat node taints when calculating + pod topology spread skew. Options are: + - Honor: nodes without taints, along with tainted nodes for which the incoming pod + has a toleration, are included. + - Ignore: node taints are ignored. All nodes are included. + + + If this value is nil, the behavior is equivalent to the Ignore policy. + This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. + type: string + topologyKey: + description: |- + TopologyKey is the key of node labels. Nodes that have a label with this key + and identical values are considered to be in the same topology. + We consider each as a "bucket", and try to put balanced number + of pods into each bucket. + We define a domain as a particular instance of a topology. + Also, we define an eligible domain as a domain whose nodes meet the requirements of + nodeAffinityPolicy and nodeTaintsPolicy. + e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. + And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. + It's a required field. + type: string + whenUnsatisfiable: + description: |- + WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy + the spread constraint. + - DoNotSchedule (default) tells the scheduler not to schedule it. + - ScheduleAnyway tells the scheduler to schedule the pod in any location, + but giving higher precedence to topologies that would help reduce the + skew. + A constraint is considered "Unsatisfiable" for an incoming pod + if and only if every possible node assignment for that pod would violate + "MaxSkew" on some topology. + For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same + labelSelector spread as 3/1/1: + | zone1 | zone2 | zone3 | + | P P P | P | P | + If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled + to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies + MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler + won't make it *more* imbalanced. + It's a required field. + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + volumes: + description: Volumes + items: + description: Volume represents a named volume in a pod + that may be accessed by any container in the pod. + properties: + awsElasticBlockStore: + description: |- + awsElasticBlockStore represents an AWS Disk resource that is attached to a + kubelet's host machine and then exposed to the pod. + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + properties: + fsType: + description: |- + fsType is the filesystem type of the volume that you want to mount. + Tip: Ensure that the filesystem type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from compromising the machine + type: string + partition: + description: |- + partition is the partition in the volume that you want to mount. + If omitted, the default is to mount by volume name. + Examples: For volume /dev/sda1, you specify the partition as "1". + Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + format: int32 + type: integer + readOnly: + description: |- + readOnly value true will force the readOnly setting in VolumeMounts. + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + type: boolean + volumeID: + description: |- + volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). + More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + type: string + required: + - volumeID + type: object + azureDisk: + description: azureDisk represents an Azure Data + Disk mount on the host and bind mount to the pod. + properties: + cachingMode: + description: 'cachingMode is the Host Caching + mode: None, Read Only, Read Write.' + type: string + diskName: + description: diskName is the Name of the data + disk in the blob storage + type: string + diskURI: + description: diskURI is the URI of data disk + in the blob storage + type: string + fsType: + description: |- + fsType is Filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + type: string + kind: + description: 'kind expected values are Shared: + multiple blob disks per storage account Dedicated: + single blob disk per storage account Managed: + azure managed data disk (only in managed availability + set). defaults to shared' + type: string + readOnly: + description: |- + readOnly Defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: azureFile represents an Azure File + Service mount on the host and bind mount to the + pod. + properties: + readOnly: + description: |- + readOnly defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + secretName: + description: secretName is the name of secret + that contains Azure Storage Account Name and + Key + type: string + shareName: + description: shareName is the azure share Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: cephFS represents a Ceph FS mount on + the host that shares a pod's lifetime + properties: + monitors: + description: |- + monitors is Required: Monitors is a collection of Ceph monitors + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + items: + type: string + type: array + path: + description: 'path is Optional: Used as the + mounted root, rather than the full Ceph tree, + default is /' + type: string + readOnly: + description: |- + readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + type: boolean + secretFile: + description: |- + secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + type: string + secretRef: + description: |- + secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: |- + user is optional: User is the rados user name, default is admin + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it + type: string + required: + - monitors + type: object + cinder: + description: |- + cinder represents a cinder volume attached and mounted on kubelets host machine. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md + properties: + fsType: + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md + type: string + readOnly: + description: |- + readOnly defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md + type: boolean + secretRef: + description: |- + secretRef is optional: points to a secret object containing parameters used to connect + to OpenStack. + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + type: object + x-kubernetes-map-type: atomic + volumeID: + description: |- + volumeID used to identify the volume in cinder. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md + type: string + required: + - volumeID + type: object + configMap: + description: configMap represents a configMap that + should populate this volume + properties: + defaultMode: + description: |- + defaultMode is optional: mode bits used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + Defaults to 0644. + Directories within the path are not affected by this setting. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + items: + description: |- + items if unspecified, each key-value pair in the Data field of the referenced + ConfigMap will be projected into the volume as a file whose name is the + key and content is the value. If specified, the listed keys will be + projected into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in the ConfigMap, + the volume setup will error unless it is marked optional. Paths must be + relative and may not contain the '..' path or start with '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + path: + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: optional specify whether the ConfigMap + or its keys must be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + csi: + description: csi (Container Storage Interface) represents + ephemeral storage that is handled by certain external + CSI drivers (Beta feature). + properties: + driver: + description: |- + driver is the name of the CSI driver that handles this volume. + Consult with your admin for the correct name as registered in the cluster. + type: string + fsType: + description: |- + fsType to mount. Ex. "ext4", "xfs", "ntfs". + If not provided, the empty value is passed to the associated CSI driver + which will determine the default filesystem to apply. + type: string + nodePublishSecretRef: + description: |- + nodePublishSecretRef is a reference to the secret object containing + sensitive information to pass to the CSI driver to complete the CSI + NodePublishVolume and NodeUnpublishVolume calls. + This field is optional, and may be empty if no secret is required. If the + secret object contains more than one secret, all secret references are passed. + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + type: object + x-kubernetes-map-type: atomic + readOnly: + description: |- + readOnly specifies a read-only configuration for the volume. + Defaults to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: |- + volumeAttributes stores driver-specific properties that are passed to the CSI + driver. Consult your driver's documentation for supported values. + type: object + required: + - driver + type: object + downwardAPI: + description: downwardAPI represents downward API + about the pod that should populate this volume + properties: + defaultMode: + description: |- + Optional: mode bits to use on created files by default. Must be a + Optional: mode bits used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + Defaults to 0644. + Directories within the path are not affected by this setting. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + items: + description: Items is a list of downward API + volume file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing + the pod field + properties: + fieldRef: + description: 'Required: Selects a field + of the pod: only annotations, labels, + name and namespace are supported.' + properties: + apiVersion: + description: Version of the schema + the FieldPath is written in terms + of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to + select in the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: |- + Optional: mode bits used to set permissions on this file, must be an octal value + between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + path: + description: 'Required: Path is the relative + path name of the file to be created. + Must not be absolute or contain the + ''..'' path. Must be utf-8 encoded. + The first item of the relative path + must not start with ''..''' + type: string + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output + format of the exposed resources, + defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to + select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + emptyDir: + description: |- + emptyDir represents a temporary directory that shares a pod's lifetime. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + properties: + medium: + description: |- + medium represents what type of storage medium should back this directory. + The default is "" which means to use the node's default medium. + Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + type: string + sizeLimit: + anyOf: + - type: integer + - type: string + description: |- + sizeLimit is the total amount of local storage required for this EmptyDir volume. + The size limit is also applicable for memory medium. + The maximum usage on memory medium EmptyDir would be the minimum value between + the SizeLimit specified here and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + ephemeral: + description: |- + ephemeral represents a volume that is handled by a cluster storage driver. + The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, + and deleted when the pod is removed. + + + Use this if: + a) the volume is only needed while the pod runs, + b) features of normal volumes like restoring from snapshot or capacity + tracking are needed, + c) the storage driver is specified through a storage class, and + d) the storage driver supports dynamic volume provisioning through + a PersistentVolumeClaim (see EphemeralVolumeSource for more + information on the connection between this volume type + and PersistentVolumeClaim). + + + Use PersistentVolumeClaim or one of the vendor-specific + APIs for volumes that persist for longer than the lifecycle + of an individual pod. + + + Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to + be used that way - see the documentation of the driver for + more information. + + + A pod can use both types of ephemeral volumes and + persistent volumes at the same time. + properties: + volumeClaimTemplate: + description: |- + Will be used to create a stand-alone PVC to provision the volume. + The pod in which this EphemeralVolumeSource is embedded will be the + owner of the PVC, i.e. the PVC will be deleted together with the + pod. The name of the PVC will be `-` where + `` is the name from the `PodSpec.Volumes` array + entry. Pod validation will reject the pod if the concatenated name + is not valid for a PVC (for example, too long). + + + An existing PVC with that name that is not owned by the pod + will *not* be used for the pod to avoid using an unrelated + volume by mistake. Starting the pod is then blocked until + the unrelated PVC is removed. If such a pre-created PVC is + meant to be used by the pod, the PVC has to updated with an + owner reference to the pod once the pod exists. Normally + this should not be necessary, but it may be useful when + manually reconstructing a broken cluster. + + + This field is read-only and no changes will be made by Kubernetes + to the PVC after it has been created. + + + Required, must not be nil. + properties: + metadata: + description: |- + May contain labels and annotations that will be copied into the PVC + when creating it. No other fields are allowed and will be rejected during + validation. + type: object + spec: + description: |- + The specification for the PersistentVolumeClaim. The entire content is + copied unchanged into the PVC that gets created from this + template. The same fields as in a PersistentVolumeClaim + are also valid here. + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of + resource being referenced + type: string + name: + description: Name is the name of + resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of + resource being referenced + type: string + name: + description: Name is the name of + resource being referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query + over volumes to consider for binding. + properties: + matchExpressions: + description: matchExpressions is + a list of label selector requirements. + The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label + key that the selector applies + to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding + reference to the PersistentVolume + backing this claim. + type: string + type: object + required: + - spec + type: object + type: object + fc: + description: fc represents a Fibre Channel resource + that is attached to a kubelet's host machine and + then exposed to the pod. + properties: + fsType: + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + TODO: how do we prevent errors in the filesystem from compromising the machine + type: string + lun: + description: 'lun is Optional: FC target lun + number' + format: int32 + type: integer + readOnly: + description: |- + readOnly is Optional: Defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + targetWWNs: + description: 'targetWWNs is Optional: FC target + worldwide names (WWNs)' + items: + type: string + type: array + wwids: + description: |- + wwids Optional: FC volume world wide identifiers (wwids) + Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. + items: + type: string + type: array + type: object + flexVolume: + description: |- + flexVolume represents a generic volume resource that is + provisioned/attached using an exec based plugin. + properties: + driver: + description: driver is the name of the driver + to use for this volume. + type: string + fsType: + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. + type: string + options: + additionalProperties: + type: string + description: 'options is Optional: this field + holds extra command options if any.' + type: object + readOnly: + description: |- + readOnly is Optional: defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: |- + secretRef is Optional: secretRef is reference to the secret object containing + sensitive information to pass to the plugin scripts. This may be + empty if no secret object is specified. If the secret object + contains more than one secret, all secrets are passed to the plugin + scripts. + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + type: object + x-kubernetes-map-type: atomic + required: + - driver + type: object + flocker: + description: flocker represents a Flocker volume + attached to a kubelet's host machine. This depends + on the Flocker control service being running + properties: + datasetName: + description: |- + datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker + should be considered as deprecated + type: string + datasetUUID: + description: datasetUUID is the UUID of the + dataset. This is unique identifier of a Flocker + dataset + type: string + type: object + gcePersistentDisk: + description: |- + gcePersistentDisk represents a GCE Disk resource that is attached to a + kubelet's host machine and then exposed to the pod. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + properties: + fsType: + description: |- + fsType is filesystem type of the volume that you want to mount. + Tip: Ensure that the filesystem type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from compromising the machine + type: string + partition: + description: |- + partition is the partition in the volume that you want to mount. + If omitted, the default is to mount by volume name. + Examples: For volume /dev/sda1, you specify the partition as "1". + Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + format: int32 + type: integer + pdName: + description: |- + pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + type: string + readOnly: + description: |- + readOnly here will force the ReadOnly setting in VolumeMounts. + Defaults to false. + More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + type: boolean + required: + - pdName + type: object + gitRepo: + description: |- + gitRepo represents a git repository at a particular revision. + DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an + EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir + into the Pod's container. + properties: + directory: + description: |- + directory is the target directory name. + Must not contain or start with '..'. If '.' is supplied, the volume directory will be the + git repository. Otherwise, if specified, the volume will contain the git repository in + the subdirectory with the given name. + type: string + repository: + description: repository is the URL + type: string + revision: + description: revision is the commit hash for + the specified revision. + type: string + required: + - repository + type: object + glusterfs: + description: |- + glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. + More info: https://examples.k8s.io/volumes/glusterfs/README.md + properties: + endpoints: + description: |- + endpoints is the endpoint name that details Glusterfs topology. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + type: string + path: + description: |- + path is the Glusterfs volume path. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + type: string + readOnly: + description: |- + readOnly here will force the Glusterfs volume to be mounted with read-only permissions. + Defaults to false. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: |- + hostPath represents a pre-existing file or directory on the host + machine that is directly exposed to the container. This is generally + used for system agents or other privileged things that are allowed + to see the host machine. Most containers will NOT need this. + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- + TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not + mount host directories as read/write. + properties: + path: + description: |- + path of the directory on the host. + If the path is a symlink, it will follow the link to the real path. + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + type: string + type: + description: |- + type for HostPath Volume + Defaults to "" + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + type: string + required: + - path + type: object + iscsi: + description: |- + iscsi represents an ISCSI Disk resource that is attached to a + kubelet's host machine and then exposed to the pod. + More info: https://examples.k8s.io/volumes/iscsi/README.md + properties: + chapAuthDiscovery: + description: chapAuthDiscovery defines whether + support iSCSI Discovery CHAP authentication + type: boolean + chapAuthSession: + description: chapAuthSession defines whether + support iSCSI Session CHAP authentication + type: boolean + fsType: + description: |- + fsType is the filesystem type of the volume that you want to mount. + Tip: Ensure that the filesystem type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from compromising the machine + type: string + initiatorName: + description: |- + initiatorName is the custom iSCSI Initiator Name. + If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface + : will be created for the connection. + type: string + iqn: + description: iqn is the target iSCSI Qualified + Name. + type: string + iscsiInterface: + description: |- + iscsiInterface is the interface Name that uses an iSCSI transport. + Defaults to 'default' (tcp). + type: string + lun: + description: lun represents iSCSI Target Lun + number. + format: int32 + type: integer + portals: + description: |- + portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port + is other than default (typically TCP ports 860 and 3260). + items: + type: string + type: array + readOnly: + description: |- + readOnly here will force the ReadOnly setting in VolumeMounts. + Defaults to false. + type: boolean + secretRef: + description: secretRef is the CHAP Secret for + iSCSI target and initiator authentication + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + type: object + x-kubernetes-map-type: atomic + targetPortal: + description: |- + targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port + is other than default (typically TCP ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: |- + name of the volume. + Must be a DNS_LABEL and unique within the pod. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + nfs: + description: |- + nfs represents an NFS mount on the host that shares a pod's lifetime + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + properties: + path: + description: |- + path that is exported by the NFS server. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + type: string + readOnly: + description: |- + readOnly here will force the NFS export to be mounted with read-only permissions. + Defaults to false. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + type: boolean + server: + description: |- + server is the hostname or IP address of the NFS server. + More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: |- + persistentVolumeClaimVolumeSource represents a reference to a + PersistentVolumeClaim in the same namespace. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + claimName: + description: |- + claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + type: string + readOnly: + description: |- + readOnly Will force the ReadOnly setting in VolumeMounts. + Default false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: photonPersistentDisk represents a PhotonController + persistent disk attached and mounted on kubelets + host machine + properties: + fsType: + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + type: string + pdID: + description: pdID is the ID that identifies + Photon Controller persistent disk + type: string + required: + - pdID + type: object + portworxVolume: + description: portworxVolume represents a portworx + volume attached and mounted on kubelets host machine + properties: + fsType: + description: |- + fSType represents the filesystem type to mount + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. + type: string + readOnly: + description: |- + readOnly defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + volumeID: + description: volumeID uniquely identifies a + Portworx volume + type: string + required: + - volumeID + type: object + projected: + description: projected items for all in one resources + secrets, configmaps, and downward API + properties: + defaultMode: + description: |- + defaultMode are the mode bits used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + Directories within the path are not affected by this setting. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + sources: + description: sources is the list of volume projections + items: + description: Projection that may be projected + along with other supported volume types + properties: + clusterTrustBundle: + description: |- + ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + of ClusterTrustBundle objects in an auto-updating file. + + + Alpha, gated by the ClusterTrustBundleProjection feature gate. + + + ClusterTrustBundle objects can either be selected by name, or by the + combination of signer name and a label selector. + + + Kubelet performs aggressive normalization of the PEM contents written + into the pod filesystem. Esoteric PEM features such as inter-block + comments and block headers are stripped. Certificates are deduplicated. + The ordering of certificates within the file is arbitrary, and Kubelet + may change the order over time. + properties: + labelSelector: + description: |- + Select all ClusterTrustBundles that match this label selector. Only has + effect if signerName is set. Mutually-exclusive with name. If unset, + interpreted as "match nothing". If set but empty, interpreted as "match + everything". + properties: + matchExpressions: + description: matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the + label key that the selector + applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + name: + description: |- + Select a single ClusterTrustBundle by object name. Mutually-exclusive + with signerName and labelSelector. + type: string + optional: + description: |- + If true, don't block pod startup if the referenced ClusterTrustBundle(s) + aren't available. If using name, then the named ClusterTrustBundle is + allowed not to exist. If using signerName, then the combination of + signerName and labelSelector is allowed to match zero + ClusterTrustBundles. + type: boolean + path: + description: Relative path from the + volume root to write the bundle. + type: string + signerName: + description: |- + Select all ClusterTrustBundles that match this signer name. + Mutually-exclusive with name. The contents of all selected + ClusterTrustBundles will be unified and deduplicated. + type: string + required: + - path + type: object + configMap: + description: configMap information about + the configMap data to project + properties: + items: + description: |- + items if unspecified, each key-value pair in the Data field of the referenced + ConfigMap will be projected into the volume as a file whose name is the + key and content is the value. If specified, the listed keys will be + projected into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in the ConfigMap, + the volume setup will error unless it is marked optional. Paths must be + relative and may not contain the '..' path or start with '..'. + items: + description: Maps a string key to + a path within a volume. + properties: + key: + description: key is the key + to project. + type: string + mode: + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + path: + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: optional specify whether + the ConfigMap or its keys must be + defined + type: boolean + type: object + x-kubernetes-map-type: atomic + downwardAPI: + description: downwardAPI information about + the downwardAPI data to project + properties: + items: + description: Items is a list of DownwardAPIVolume + file + items: + description: DownwardAPIVolumeFile + represents information to create + the file containing the pod field + properties: + fieldRef: + description: 'Required: Selects + a field of the pod: only annotations, + labels, name and namespace + are supported.' + properties: + apiVersion: + description: Version of + the schema the FieldPath + is written in terms of, + defaults to "v1". + type: string + fieldPath: + description: Path of the + field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + mode: + description: |- + Optional: mode bits used to set permissions on this file, must be an octal value + between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + path: + description: 'Required: Path + is the relative path name + of the file to be created. + Must not be absolute or contain + the ''..'' path. Must be utf-8 + encoded. The first item of + the relative path must not + start with ''..''' + type: string + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. + properties: + containerName: + description: 'Container + name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the + output format of the exposed + resources, defaults to + "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: + resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + required: + - path + type: object + type: array + type: object + secret: + description: secret information about + the secret data to project + properties: + items: + description: |- + items if unspecified, each key-value pair in the Data field of the referenced + Secret will be projected into the volume as a file whose name is the + key and content is the value. If specified, the listed keys will be + projected into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in the Secret, + the volume setup will error unless it is marked optional. Paths must be + relative and may not contain the '..' path or start with '..'. + items: + description: Maps a string key to + a path within a volume. + properties: + key: + description: key is the key + to project. + type: string + mode: + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + path: + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + optional: + description: optional field specify + whether the Secret or its key must + be defined + type: boolean + type: object + x-kubernetes-map-type: atomic + serviceAccountToken: + description: serviceAccountToken is information + about the serviceAccountToken data to + project + properties: + audience: + description: |- + audience is the intended audience of the token. A recipient of a token + must identify itself with an identifier specified in the audience of the + token, and otherwise should reject the token. The audience defaults to the + identifier of the apiserver. + type: string + expirationSeconds: + description: |- + expirationSeconds is the requested duration of validity of the service + account token. As the token approaches expiration, the kubelet volume + plugin will proactively rotate the service account token. The kubelet will + start trying to rotate the token if the token is older than 80 percent of + its time to live or if the token is older than 24 hours.Defaults to 1 hour + and must be at least 10 minutes. + format: int64 + type: integer + path: + description: |- + path is the path relative to the mount point of the file to project the + token into. + type: string + required: + - path + type: object + type: object + type: array + type: object + quobyte: + description: quobyte represents a Quobyte mount + on the host that shares a pod's lifetime + properties: + group: + description: |- + group to map volume access to + Default is no group + type: string + readOnly: + description: |- + readOnly here will force the Quobyte volume to be mounted with read-only permissions. + Defaults to false. + type: boolean + registry: + description: |- + registry represents a single or multiple Quobyte Registry services + specified as a string as host:port pair (multiple entries are separated with commas) + which acts as the central registry for volumes + type: string + tenant: + description: |- + tenant owning the given Quobyte volume in the Backend + Used with dynamically provisioned Quobyte volumes, value is set by the plugin + type: string + user: + description: |- + user to map volume access to + Defaults to serivceaccount user + type: string + volume: + description: volume is a string that references + an already created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: |- + rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. + More info: https://examples.k8s.io/volumes/rbd/README.md + properties: + fsType: + description: |- + fsType is the filesystem type of the volume that you want to mount. + Tip: Ensure that the filesystem type is supported by the host operating system. + Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from compromising the machine + type: string + image: + description: |- + image is the rados image name. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + type: string + keyring: + description: |- + keyring is the path to key ring for RBDUser. + Default is /etc/ceph/keyring. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + type: string + monitors: + description: |- + monitors is a collection of Ceph monitors. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + items: + type: string + type: array + pool: + description: |- + pool is the rados pool name. + Default is rbd. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + type: string + readOnly: + description: |- + readOnly here will force the ReadOnly setting in VolumeMounts. + Defaults to false. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + type: boolean + secretRef: + description: |- + secretRef is name of the authentication secret for RBDUser. If provided + overrides keyring. + Default is nil. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + type: object + x-kubernetes-map-type: atomic + user: + description: |- + user is the rados user name. + Default is admin. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it + type: string + required: + - image + - monitors + type: object + scaleIO: + description: scaleIO represents a ScaleIO persistent + volume attached and mounted on Kubernetes nodes. + properties: + fsType: + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". + Default is "xfs". + type: string + gateway: + description: gateway is the host address of + the ScaleIO API Gateway. + type: string + protectionDomain: + description: protectionDomain is the name of + the ScaleIO Protection Domain for the configured + storage. + type: string + readOnly: + description: |- + readOnly Defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: |- + secretRef references to the secret for ScaleIO user and other + sensitive information. If this is not provided, Login operation will fail. + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + type: object + x-kubernetes-map-type: atomic + sslEnabled: + description: sslEnabled Flag enable/disable + SSL communication with Gateway, default false + type: boolean + storageMode: + description: |- + storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. + Default is ThinProvisioned. + type: string + storagePool: + description: storagePool is the ScaleIO Storage + Pool associated with the protection domain. + type: string + system: + description: system is the name of the storage + system as configured in ScaleIO. + type: string + volumeName: + description: |- + volumeName is the name of a volume already created in the ScaleIO system + that is associated with this volume source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: |- + secret represents a secret that should populate this volume. + More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + properties: + defaultMode: + description: |- + defaultMode is Optional: mode bits used to set permissions on created files by default. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values + for mode bits. Defaults to 0644. + Directories within the path are not affected by this setting. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + items: + description: |- + items If unspecified, each key-value pair in the Data field of the referenced + Secret will be projected into the volume as a file whose name is the + key and content is the value. If specified, the listed keys will be + projected into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in the Secret, + the volume setup will error unless it is marked optional. Paths must be + relative and may not contain the '..' path or start with '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + path: + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: optional field specify whether + the Secret or its keys must be defined + type: boolean + secretName: + description: |- + secretName is the name of the secret in the pod's namespace to use. + More info: https://kubernetes.io/docs/concepts/storage/volumes#secret + type: string + type: object + storageos: + description: storageOS represents a StorageOS volume + attached and mounted on Kubernetes nodes. + properties: + fsType: + description: |- + fsType is the filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + type: string + readOnly: + description: |- + readOnly defaults to false (read/write). ReadOnly here will force + the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: |- + secretRef specifies the secret to use for obtaining the StorageOS API + credentials. If not specified, default values will be attempted. + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + type: object + x-kubernetes-map-type: atomic + volumeName: + description: |- + volumeName is the human-readable name of the StorageOS volume. Volume + names are only unique within a namespace. + type: string + volumeNamespace: + description: |- + volumeNamespace specifies the scope of the volume within StorageOS. If no + namespace is specified then the Pod's namespace will be used. This allows the + Kubernetes name scoping to be mirrored within StorageOS for tighter integration. + Set VolumeName to any name to override the default behaviour. + Set to "default" if you are not using namespaces within StorageOS. + Namespaces that do not pre-exist within StorageOS will be created. + type: string + type: object + vsphereVolume: + description: vsphereVolume represents a vSphere + volume attached and mounted on kubelets host machine + properties: + fsType: + description: |- + fsType is filesystem type to mount. + Must be a filesystem type supported by the host operating system. + Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + type: string + storagePolicyID: + description: storagePolicyID is the storage + Policy Based Management (SPBM) profile ID + associated with the StoragePolicyName. + type: string + storagePolicyName: + description: storagePolicyName is the storage + Policy Based Management (SPBM) profile name. + type: string + volumePath: + description: volumePath is the path that identifies + vSphere volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + required: + - containers + type: object + type: object + traits: + description: the traits needed to run this Integration + properties: + 3scale: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + addons: + additionalProperties: + description: AddonTrait represents the configuration of + an addon trait. + type: object + x-kubernetes-preserve-unknown-fields: true + description: The extension point with addon traits + type: object + affinity: + description: The configuration of Affinity trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + nodeAffinityLabels: + description: Defines a set of nodes the integration pod(s) + are eligible to be scheduled on, based on labels on + the node. + items: + type: string + type: array + podAffinity: + description: Always co-locates multiple replicas of the + integration in the same node (default `false`). + type: boolean + podAffinityLabels: + description: |- + Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the + integration pod(s) should be co-located with. + items: + type: string + type: array + podAntiAffinity: + description: Never co-locates multiple replicas of the + integration in the same node (default `false`). + type: boolean + podAntiAffinityLabels: + description: |- + Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the + integration pod(s) should not be co-located with. + items: + type: string + type: array + type: object + builder: + description: The configuration of Builder trait + properties: + annotations: + additionalProperties: + type: string + description: When using `pod` strategy, annotation to + use for the builder pod. + type: object + baseImage: + description: |- + Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK + installed and ready to use on path (ie `/usr/bin/java`). + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + incrementalImageBuild: + description: Use the incremental image build option, to + reuse existing containers (default `true`) + type: boolean + limitCPU: + description: |- + When using `pod` strategy, the maximum amount of CPU required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + limitMemory: + description: |- + When using `pod` strategy, the maximum amount of memory required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + mavenProfiles: + description: |- + A list of references pointing to configmaps/secrets that contains a maven profile. + This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit. + The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM. + Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml). + items: + type: string + type: array + nodeSelector: + additionalProperties: + type: string + description: Defines a set of nodes the builder pod is + eligible to be scheduled on, based on labels on the + node. + type: object + orderStrategy: + description: The build order strategy to use, either `dependencies`, + `fifo` or `sequential` (default is the platform default) + enum: + - dependencies + - fifo + - sequential + type: string + platforms: + description: The list of manifest platforms to use to + build a container image (default `linux/amd64`). + items: + type: string + type: array + properties: + description: A list of properties to be provided to the + build task + items: + type: string + type: array + requestCPU: + description: |- + When using `pod` strategy, the minimum amount of CPU required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + requestMemory: + description: |- + When using `pod` strategy, the minimum amount of memory required by the pod builder. + Deprecated: use TasksRequestCPU instead with task name `builder`. + type: string + strategy: + description: The strategy to use, either `pod` or `routine` + (default `routine`) + enum: + - pod + - routine + type: string + tasks: + description: A list of tasks to be executed (available + only when using `pod` strategy) with format `;;`. + items: + type: string + type: array + tasksFilter: + description: |- + A list of tasks sorted by the order of execution in a csv format, ie, `,,...`. + Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`) + if you need to execute them. Useful only with `pod` strategy. + type: string + tasksLimitCPU: + description: A list of limit cpu configuration for the + specific task with format `:`. + items: + type: string + type: array + tasksLimitMemory: + description: A list of limit memory configuration for + the specific task with format `:`. + items: + type: string + type: array + tasksRequestCPU: + description: A list of request cpu configuration for the + specific task with format `:`. + items: + type: string + type: array + tasksRequestMemory: + description: A list of request memory configuration for + the specific task with format `:`. + items: + type: string + type: array + verbose: + description: |- + Enable verbose logging on build components that support it (e.g. Kaniko build pod). + Deprecated no longer in use + type: boolean + type: object + camel: + description: The configuration of Camel trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + properties: + description: A list of properties to be provided to the + Integration runtime + items: + type: string + type: array + runtimeVersion: + description: |- + The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform. + You can use a fixed version (for example "3.2.3") or a semantic version (for example "3.x") which will try to resolve + to the best matching Catalog existing on the cluster. + type: string + type: object + container: + description: The configuration of Container trait + properties: + allowPrivilegeEscalation: + description: Security Context AllowPrivilegeEscalation + configuration (default false). + type: boolean + auto: + description: To automatically enable the trait + type: boolean + capabilitiesAdd: + description: Security Context Capabilities Add configuration + (default none). + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + capabilitiesDrop: + description: Security Context Capabilities Drop configuration + (default ALL). + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + expose: + description: Can be used to enable/disable exposure via + kubernetes Service. + type: boolean + image: + description: |- + The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which + won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead + Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an "external" IntegrationKit. + type: string + imagePullPolicy: + description: 'The pull policy: Always|Never|IfNotPresent' + enum: + - Always + - Never + - IfNotPresent + type: string + limitCPU: + description: The maximum amount of CPU to be provided + (default 500 millicores). + type: string + limitMemory: + description: The maximum amount of memory to be provided + (default 512 Mi). + type: string + name: + description: The main container name. It's named `integration` + by default. + type: string + port: + description: To configure a different port exposed by + the container (default `8080`). + type: integer + portName: + description: To configure a different port name for the + port exposed by the container. It defaults to `http` + only when the `expose` parameter is true. + type: string + requestCPU: + description: The minimum amount of CPU required (default + 125 millicores). + type: string + requestMemory: + description: The minimum amount of memory required (default + 128 Mi). + type: string + runAsNonRoot: + description: Security Context RunAsNonRoot configuration + (default false). + type: boolean + runAsUser: + description: 'Security Context RunAsUser configuration + (default none): this value is automatically retrieved + in Openshift clusters when not explicitly set.' + format: int64 + type: integer + seccompProfileType: + description: Security Context SeccompProfileType configuration + (default RuntimeDefault). + enum: + - Unconfined + - RuntimeDefault + type: string + servicePort: + description: To configure under which service port the + container port is to be exposed (default `80`). + type: integer + servicePortName: + description: To configure under which service port name + the container port is to be exposed (default `http`). + type: string + type: object + cron: + description: The configuration of Cron trait + properties: + activeDeadlineSeconds: + description: |- + Specifies the duration in seconds, relative to the start time, that the job + may be continuously active before it is considered to be failed. + It defaults to 60s. + format: int64 + type: integer + auto: + description: |- + Automatically deploy the integration as CronJob when all routes are + either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer). + + + It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`, + while `35m` or `50s` cannot). + type: boolean + backoffLimit: + description: |- + Specifies the number of retries before marking the job failed. + It defaults to 2. + format: int32 + type: integer + components: + description: |- + A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes. + Supported components are currently: `cron`, `timer` and `quartz`. + type: string + concurrencyPolicy: + description: |- + Specifies how to treat concurrent executions of a Job. + Valid values are: + - "Allow": allows CronJobs to run concurrently; + - "Forbid" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet; + - "Replace": cancels currently running job and replaces it with a new one + enum: + - Allow + - Forbid + - Replace + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + fallback: + description: |- + Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration + as Kubernetes CronJob. + type: boolean + schedule: + description: |- + The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this + mechanism to work correctly. + type: string + startingDeadlineSeconds: + description: |- + Optional deadline in seconds for starting the job if it misses scheduled + time for any reason. Missed jobs executions will be counted as failed ones. + format: int64 + type: integer + timeZone: + description: The timezone that the CronJob will run on + type: string + type: object + dependencies: + description: The configuration of Dependencies trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + type: object + deployer: + description: The configuration of Deployer trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + kind: + description: Allows to explicitly select the desired deployment + kind between `deployment`, `cron-job` or `knative-service` + when creating the resources for running the integration. + enum: + - deployment + - cron-job + - knative-service + type: string + useSSA: + description: |- + Deprecated: won't be able to enforce client side update in the future. + Use server-side apply to update the owned resources (default `true`). + Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters. + type: boolean + type: object + deployment: + description: The configuration of Deployment trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + progressDeadlineSeconds: + description: |- + The maximum time in seconds for the deployment to make progress before it + is considered to be failed. It defaults to `60s`. + format: int32 + type: integer + rollingUpdateMaxSurge: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be scheduled above the desired number of + pods. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + This can not be 0 if MaxUnavailable is 0. + Absolute number is calculated from percentage by rounding up. + Defaults to `25%`. + x-kubernetes-int-or-string: true + rollingUpdateMaxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be unavailable during the update. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + Absolute number is calculated from percentage by rounding down. + This can not be 0 if MaxSurge is 0. + Defaults to `25%`. + x-kubernetes-int-or-string: true + strategy: + description: The deployment strategy to use to replace + existing pods with new ones. + enum: + - Recreate + - RollingUpdate + type: string + type: object + environment: + description: The configuration of Environment trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + containerMeta: + description: Enables injection of `NAMESPACE` and `POD_NAME` + environment variables (default `true`) + type: boolean + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + httpProxy: + description: Propagates the `HTTP_PROXY`, `HTTPS_PROXY` + and `NO_PROXY` environment variables (default `true`) + type: boolean + vars: + description: |- + A list of environment variables to be added to the integration container. + The syntax is either VAR=VALUE or VAR=[configmap|secret]:name/key, where name represents the resource name, + and key represents the resource key to be mapped as and environment variable. + These take precedence over any previously defined environment variables. + items: + type: string + type: array + type: object + error-handler: + description: The configuration of Error Handler trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + ref: + description: The error handler ref name provided or found + in application properties + type: string + type: object + gc: + description: The configuration of GC trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + discoveryCache: + description: |- + Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`). + Deprecated: to be removed from trait configuration. + enum: + - disabled + - disk + - memory + type: string + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + type: object + health: + description: The configuration of Health trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + livenessFailureThreshold: + description: Minimum consecutive failures for the liveness + probe to be considered failed after having succeeded. + format: int32 + type: integer + livenessInitialDelay: + description: Number of seconds after the container has + started before the liveness probe is initiated. + format: int32 + type: integer + livenessPeriod: + description: How often to perform the liveness probe. + format: int32 + type: integer + livenessProbe: + description: The liveness probe path to use (default provided + by the Catalog runtime used). + type: string + livenessProbeEnabled: + description: Configures the liveness probe for the integration + container (default `false`). + type: boolean + livenessScheme: + description: Scheme to use when connecting to the liveness + probe (default `HTTP`). + type: string + livenessSuccessThreshold: + description: Minimum consecutive successes for the liveness + probe to be considered successful after having failed. + format: int32 + type: integer + livenessTimeout: + description: Number of seconds after which the liveness + probe times out. + format: int32 + type: integer + readinessFailureThreshold: + description: Minimum consecutive failures for the readiness + probe to be considered failed after having succeeded. + format: int32 + type: integer + readinessInitialDelay: + description: Number of seconds after the container has + started before the readiness probe is initiated. + format: int32 + type: integer + readinessPeriod: + description: How often to perform the readiness probe. + format: int32 + type: integer + readinessProbe: + description: The readiness probe path to use (default + provided by the Catalog runtime used). + type: string + readinessProbeEnabled: + description: Configures the readiness probe for the integration + container (default `true`). + type: boolean + readinessScheme: + description: Scheme to use when connecting to the readiness + probe (default `HTTP`). + type: string + readinessSuccessThreshold: + description: Minimum consecutive successes for the readiness + probe to be considered successful after having failed. + format: int32 + type: integer + readinessTimeout: + description: Number of seconds after which the readiness + probe times out. + format: int32 + type: integer + startupFailureThreshold: + description: Minimum consecutive failures for the startup + probe to be considered failed after having succeeded. + format: int32 + type: integer + startupInitialDelay: + description: Number of seconds after the container has + started before the startup probe is initiated. + format: int32 + type: integer + startupPeriod: + description: How often to perform the startup probe. + format: int32 + type: integer + startupProbe: + description: The startup probe path to use (default provided + by the Catalog runtime used). + type: string + startupProbeEnabled: + description: Configures the startup probe for the integration + container (default `false`). + type: boolean + startupScheme: + description: Scheme to use when connecting to the startup + probe (default `HTTP`). + type: string + startupSuccessThreshold: + description: Minimum consecutive successes for the startup + probe to be considered successful after having failed. + format: int32 + type: integer + startupTimeout: + description: Number of seconds after which the startup + probe times out. + format: int32 + type: integer + type: object + ingress: + description: The configuration of Ingress trait + properties: + annotations: + additionalProperties: + type: string + description: |- + The annotations added to the ingress. + This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller: + See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md + type: object + auto: + description: To automatically add an ingress whenever + the integration uses an HTTP endpoint consumer. + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + host: + description: To configure the host exposed by the ingress. + type: string + ingressClassName: + description: |- + The Ingress class name as defined by the Ingress spec + See https://kubernetes.io/docs/concepts/services-networking/ingress/ + type: string + path: + description: To configure the path exposed by the ingress + (default `/`). + type: string + pathType: + description: |- + To configure the path type exposed by the ingress. + One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`). + enum: + - Exact + - Prefix + - ImplementationSpecific + type: string + tlsHosts: + description: To configure tls hosts + items: + type: string + type: array + tlsSecretName: + description: To configure tls secret name + type: string + type: object + istio: + description: The configuration of Istio trait + properties: + allow: + description: Configures a (comma-separated) list of CIDR + subnets that should not be intercepted by the Istio + proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16` by + default). + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + inject: + description: Forces the value for labels `sidecar.istio.io/inject`. + By default the label is set to `true` on deployment + and not set on Knative Service. + type: boolean + type: object + jolokia: + description: The configuration of Jolokia trait + properties: + CACert: + description: |- + The PEM encoded CA certification file path, used to verify client certificates, + applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` + (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift). + type: string + clientPrincipal: + description: |- + The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint, + applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` + (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift). + items: + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + discoveryEnabled: + description: Listen for multicast requests (default `false`) + type: boolean + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + extendedClientCheck: + description: |- + Mandate the client certificate contains a client flag in the extended key usage section, + applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` + (default `true` for OpenShift). + type: boolean + host: + description: |- + The Host address to which the Jolokia agent should bind to. If `"\*"` or `"0.0.0.0"` is given, + the servers binds to every network interface (default `"*"`). + type: string + options: + description: |- + A list of additional Jolokia options as defined + in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options] + items: + type: string + type: array + password: + description: The password used for authentication, applicable + when the `user` option is set. + type: string + port: + description: The Jolokia endpoint port (default `8778`). + type: integer + protocol: + description: The protocol to use, either `http` or `https` + (default `https` for OpenShift) + type: string + useSSLClientAuthentication: + description: Whether client certificates should be used + for authentication (default `true` for OpenShift). + type: boolean + user: + description: The user to be used for authentication + type: string + type: object + jvm: + description: The configuration of JVM trait + properties: + classpath: + description: Additional JVM classpath (use `Linux` classpath + separator) + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + debug: + description: Activates remote debugging, so that a debugger + can be attached to the JVM, e.g., using port-forwarding + type: boolean + debugAddress: + description: Transport address at which to listen for + the newly launched JVM (default `*:5005`) + type: string + debugSuspend: + description: Suspends the target JVM immediately before + the main class is loaded + type: boolean + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + jar: + description: The Jar dependency which will run the application. + Leave it empty for managed Integrations. + type: string + options: + description: A list of JVM options + items: + type: string + type: array + printCommand: + description: |- + Prints the command used the start the JVM in the container logs (default `true`) + Deprecated: no longer in use. + type: boolean + type: object + kamelets: + description: The configuration of Kamelets trait + properties: + auto: + description: Automatically inject all referenced Kamelets + and their default configuration (enabled by default) + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + list: + description: Comma separated list of Kamelet names to + load into the current integration + type: string + mountPoint: + description: The directory where the application mounts + and reads Kamelet spec (default `/etc/camel/kamelets`) + type: string + type: object + keda: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + knative: + description: The configuration of Knative trait + properties: + auto: + description: Enable automatic discovery of all trait properties. + type: boolean + channelSinks: + description: |- + List of channels used as destination of integration routes. + Can contain simple channel names or full Camel URIs. + items: + type: string + type: array + channelSources: + description: |- + List of channels used as source of integration routes. + Can contain simple channel names or full Camel URIs. + items: + type: string + type: array + config: + description: Can be used to inject a Knative complete + configuration in JSON format. + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + endpointSinks: + description: |- + List of endpoints used as destination of integration routes. + Can contain simple endpoint names or full Camel URIs. + items: + type: string + type: array + endpointSources: + description: List of channels used as source of integration + routes. + items: + type: string + type: array + eventSinks: + description: |- + List of event types that the integration will produce. + Can contain simple event types or full Camel URIs (to use a specific broker). + items: + type: string + type: array + eventSources: + description: |- + List of event types that the integration will be subscribed to. + Can contain simple event types or full Camel URIs (to use a specific broker different from "default"). + items: + type: string + type: array + filterEventType: + description: |- + Enables the default filtering for the Knative trigger using the event type + If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true) + type: boolean + filterSourceChannels: + description: |- + Enables filtering on events based on the header "ce-knativehistory". Since this header has been removed in newer versions of + Knative, filtering is disabled by default. + type: boolean + filters: + description: |- + Sets filter attributes on the event stream (such as event type, source, subject and so on). + A list of key-value pairs that represent filter attributes and its values. + The syntax is KEY=VALUE, e.g., `source="my.source"`. + Filter attributes get set on the Knative trigger that is being created as part of this integration. + items: + type: string + type: array + namespaceLabel: + description: |- + Enables the camel-k-operator to set the "bindings.knative.dev/include=true" label to the namespace + As Knative requires this label to perform injection of K_SINK URL into the service. + If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true) + type: boolean + sinkBinding: + description: |- + Allows binding the integration to a sink via a Knative SinkBinding resource. + This can be used when the integration targets a single sink. + It's enabled by default when the integration targets a single sink + (except when the integration is owned by a Knative source). + type: boolean + type: object + knative-service: + description: The configuration of Knative Service trait + properties: + annotations: + additionalProperties: + type: string + description: |- + The annotations added to route. + This can be used to set knative service specific annotations + CLI usage example: -t "knative-service.annotations.'haproxy.router.openshift.io/balance'=true" + type: object + auto: + description: |- + Automatically deploy the integration as Knative service when all conditions hold: + + + * Integration is using the Knative profile + * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer) + type: boolean + autoscalingMetric: + description: |- + Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling). + + + Refer to the Knative documentation for more information. + type: string + autoscalingTarget: + description: |- + Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod. + + + Refer to the Knative documentation for more information. + type: integer + class: + description: |- + Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling). + + + Refer to the Knative documentation for more information. + enum: + - kpa.autoscaling.knative.dev + - hpa.autoscaling.knative.dev + type: string + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + maxScale: + description: |- + An upper bound for the number of Pods that can be running in parallel for the integration. + Knative has its own cap value that depends on the installation. + + + Refer to the Knative documentation for more information. + type: integer + minScale: + description: |- + The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that + the integration is scaled down to zero when not used for a configured amount of time. + + + Refer to the Knative documentation for more information. + type: integer + rolloutDuration: + description: |- + Enables to gradually shift traffic to the latest Revision and sets the rollout duration. + It's disabled by default and must be expressed as a Golang `time.Duration` string representation, + rounded to a second precision. + type: string + timeoutSeconds: + description: |- + The maximum duration in seconds that the request instance is allowed to respond to a request. + This field propagates to the integration pod's terminationGracePeriodSeconds + + + Refer to the Knative documentation for more information. + format: int64 + type: integer + visibility: + description: |- + Setting `cluster-local`, Knative service becomes a private service. + Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service. + + + Refer to the Knative documentation for more information. + enum: + - cluster-local + type: string + type: object + logging: + description: The configuration of Logging trait + properties: + color: + description: Colorize the log output + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + format: + description: Logs message format + type: string + json: + description: Output the logs in JSON + type: boolean + jsonPrettyPrint: + description: Enable "pretty printing" of the JSON logs + type: boolean + level: + description: Adjust the logging level (defaults to `INFO`) + enum: + - FATAL + - WARN + - INFO + - DEBUG + - TRACE + type: string + type: object + master: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + mount: + description: The configuration of Mount trait + properties: + configs: + description: |- + A list of configuration pointing to configmap/secret. + The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files. + They are also made available on the classpath in order to ease their usage directly from the Route. + Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered + items: + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + emptyDirs: + description: |- + A list of EmptyDir volumes to be mounted. An optional size limit may be configured (default 500Mi). + Syntax: name:/container/path[:sizeLimit] + items: + type: string + type: array + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + hotReload: + description: |- + Enable "hot reload" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be + marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for + changes in metadata. + type: boolean + resources: + description: |- + A list of resources (text or binary content) pointing to configmap/secret. + The resources are expected to be any resource type (text or binary content). + The destination path can be either a default location or any path specified by the user. + Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path + items: + type: string + type: array + scanKameletsImplicitLabelSecrets: + description: 'Deprecated: no longer available since version + 2.5.' + type: boolean + volumes: + description: |- + A list of Persistent Volume Claims to be mounted. Syntax: [pvcname:/container/path]. If the PVC is not found, the Integration fails. + You can use the syntax [pvcname:/container/path:size:accessMode<:storageClass>] to create a dynamic PVC based on the Storage Class provided + or the default cluster Storage Class. However, if the PVC exists, the operator would mount it. + items: + type: string + type: array + type: object + openapi: + description: The configuration of OpenAPI trait + properties: + configmaps: + description: The configmaps holding the spec of the OpenAPI + (compatible with > 3.0 spec only). + items: + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + type: object + owner: + description: The configuration of Owner trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + targetAnnotations: + description: The set of annotations to be transferred + items: + type: string + type: array + targetLabels: + description: The set of labels to be transferred + items: + type: string + type: array + type: object + pdb: + description: The configuration of PDB trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + maxUnavailable: + description: |- + The number of pods for the Integration that can be unavailable after an eviction. + It can be either an absolute number or a percentage (default `1` if `min-available` is also not set). + Only one of `max-unavailable` and `min-available` can be specified. + type: string + minAvailable: + description: |- + The number of pods for the Integration that must still be available after an eviction. + It can be either an absolute number or a percentage. + Only one of `min-available` and `max-unavailable` can be specified. + type: string + type: object + platform: + description: The configuration of Platform trait + properties: + auto: + description: |- + To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set). + Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + createDefault: + description: |- + To create a default (empty) platform when the platform is missing. + Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility + type: boolean + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + global: + description: |- + Indicates if the platform should be created globally in the case of global operator (default true). + Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility + type: boolean + type: object + pod: + description: The configuration of Pod trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + type: object + prometheus: + description: The configuration of Prometheus trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + podMonitor: + description: Whether a `PodMonitor` resource is created + (default `true`). + type: boolean + podMonitorLabels: + description: The `PodMonitor` resource labels, applicable + when `pod-monitor` is `true`. + items: + type: string + type: array + type: object + pull-secret: + description: The configuration of Pull Secret trait + properties: + auto: + description: Automatically configures the platform registry + secret on the pod if it is of type `kubernetes.io/dockerconfigjson`. + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + imagePullerDelegation: + description: When using a global operator with a shared + platform, this enables delegation of the `system:image-puller` + cluster role on the operator namespace to the integration + service account. + type: boolean + secretName: + description: The pull secret name to set on the Pod. If + left empty this is automatically taken from the `IntegrationPlatform` + registry configuration. + type: string + type: object + quarkus: + description: The configuration of Quarkus trait + properties: + buildMode: + description: |- + The Quarkus mode to run: either `jvm` or `native` (default `jvm`). + In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created, + with the `native` kit having precedence over the `jvm` one once ready. + items: + description: QuarkusMode is the type of Quarkus build + packaging. + enum: + - jvm + - native + type: string + type: array + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + nativeBaseImage: + description: The base image to use when running a native + build (default `quay.io/quarkus/quarkus-micro-image:2.0`) + type: string + nativeBuilderImage: + description: The image containing the tooling required + for a native build (by default it will use the one provided + in the runtime catalog) + type: string + packageTypes: + description: |- + The Quarkus package types, `fast-jar` or `native` (default `fast-jar`). + In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created, + with the native kit having precedence over the `fast-jar` one once ready. + The order influences the resolution of the current kit for the integration. + The kit corresponding to the first package type will be assigned to the + integration in case no existing kit that matches the integration exists. + Deprecated: use `build-mode` instead. + items: + description: |- + QuarkusPackageType is the type of Quarkus build packaging. + Deprecated: use `QuarkusMode` instead. + enum: + - fast-jar + - native + type: string + type: array + type: object + registry: + description: |- + The configuration of Registry trait (support removed since version 2.5.0). + Deprecated: use jvm trait or read documentation. + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + type: object + route: + description: The configuration of Route trait + properties: + annotations: + additionalProperties: + type: string + description: |- + The annotations added to route. + This can be used to set route specific annotations + For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations + CLI usage example: -t "route.annotations.'haproxy.router.openshift.io/balance'=true" + type: object + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + host: + description: To configure the host exposed by the route. + type: string + tlsCACertificate: + description: |- + The TLS CA certificate contents. + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsCACertificateSecret: + description: |- + The secret name and key reference to the TLS CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/". + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsCertificate: + description: |- + The TLS certificate contents. + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsCertificateSecret: + description: |- + The secret name and key reference to the TLS certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/". + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsDestinationCACertificate: + description: |- + The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt + termination this file should be provided in order to have routers use it for health checks on the secure connection. + If this field is not specified, the router may provide its own destination CA and perform hostname validation using + the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically + verify. + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsDestinationCACertificateSecret: + description: |- + The secret name and key reference to the destination CA certificate. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/". + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsInsecureEdgeTerminationPolicy: + description: |- + To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic. + + + Refer to the OpenShift route documentation for additional information. + enum: + - None + - Allow + - Redirect + type: string + tlsKey: + description: |- + The TLS certificate key contents. + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsKeySecret: + description: |- + The secret name and key reference to the TLS certificate key. The format is "secret-name[/key-name]", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a "/". + + + Refer to the OpenShift route documentation for additional information. + type: string + tlsTermination: + description: |- + The TLS termination type, like `edge`, `passthrough` or `reencrypt`. + + + Refer to the OpenShift route documentation for additional information. + enum: + - edge + - reencrypt + - passthrough + type: string + type: object + security-context: + description: The configuration of Security Context trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: 'Deprecated: no longer in use.' + type: boolean + runAsNonRoot: + description: Security Context RunAsNonRoot configuration + (default false). + type: boolean + runAsUser: + description: 'Security Context RunAsUser configuration + (default none): this value is automatically retrieved + in Openshift clusters when not explicitly set.' + format: int64 + type: integer + seccompProfileType: + description: Security Context SeccompProfileType configuration + (default RuntimeDefault). + enum: + - Unconfined + - RuntimeDefault + type: string + type: object + service: + description: The configuration of Service trait + properties: + annotations: + additionalProperties: + type: string + description: The annotations added to the Service object. + type: object + auto: + description: To automatically detect from the code if + a Service needs to be created. + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + labels: + additionalProperties: + type: string + description: The labels added to the Service object. + type: object + nodePort: + description: |- + Enable Service to be exposed as NodePort (default `false`). + Deprecated: Use service type instead. + type: boolean + type: + description: The type of service to be used, either 'ClusterIP', + 'NodePort' or 'LoadBalancer'. + enum: + - ClusterIP + - NodePort + - LoadBalancer + type: string + type: object + service-binding: + description: The configuration of Service Binding trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + services: + description: List of Services in the form [[apigroup/]version:]kind:[namespace/]name + items: + type: string + type: array + type: object + strimzi: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + telemetry: + description: The configuration of Telemetry trait + properties: + auto: + description: Enables automatic configuration of the trait, + including automatic discovery of the telemetry endpoint. + type: boolean + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + endpoint: + description: The target endpoint of the Telemetry service + (automatically discovered by default) + type: string + sampler: + description: The sampler of the telemetry used for tracing + (default "on") + type: string + sampler-parent-based: + description: The sampler of the telemetry used for tracing + is parent based (default "true") + type: boolean + sampler-ratio: + description: The sampler ratio of the telemetry used for + tracing + type: string + serviceName: + description: The name of the service that publishes telemetry + data (defaults to the integration name) + type: string + type: object + toleration: + description: The configuration of Toleration trait + properties: + configuration: + description: |- + Legacy trait configuration parameters. + Deprecated: for backward compatibility. + type: object + x-kubernetes-preserve-unknown-fields: true + enabled: + description: Can be used to enable or disable a trait. + All traits share this common property. + type: boolean + taints: + description: The list of taints to tolerate, in the form + `Key[=Value]:Effect[:Seconds]` + items: + type: string + type: array + type: object + tracing: + description: 'Deprecated: for backward compatibility.' + properties: + configuration: + description: TraitConfiguration parameters configuration + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - configuration + type: object + type: object + type: object + replicas: + description: Replicas is the number of desired replicas for the Pipe + format: int32 + type: integer + serviceAccountName: + description: Custom SA to use for the Pipe + type: string + sink: + description: Sink is the destination of the integration defined by + this Pipe + properties: + dataTypes: + additionalProperties: + description: DataTypeReference references to the specification + of a data type by its scheme and format name. + properties: + format: + description: the data type format name + type: string + scheme: + description: the data type component scheme + type: string + type: object + description: DataTypes defines the data type of the data produced/consumed + by the endpoint and references a given data type specification. + type: object + properties: + description: Properties are a key value representation of endpoint + properties + type: object + x-kubernetes-preserve-unknown-fields: true + ref: + description: Ref can be used to declare a Kubernetes resource + as source/sink endpoint + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + uri: + description: URI can be used to specify the (Camel) endpoint explicitly + type: string + type: object + source: + description: Source is the starting point of the integration defined + by this Pipe + properties: + dataTypes: + additionalProperties: + description: DataTypeReference references to the specification + of a data type by its scheme and format name. + properties: + format: + description: the data type format name + type: string + scheme: + description: the data type component scheme + type: string + type: object + description: DataTypes defines the data type of the data produced/consumed + by the endpoint and references a given data type specification. + type: object + properties: + description: Properties are a key value representation of endpoint + properties + type: object + x-kubernetes-preserve-unknown-fields: true + ref: + description: Ref can be used to declare a Kubernetes resource + as source/sink endpoint + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + uri: + description: URI can be used to specify the (Camel) endpoint explicitly + type: string + type: object + steps: + description: Steps contains an optional list of intermediate steps + that are executed between the Source and the Sink + items: + description: Endpoint represents a source/sink external entity (could + be any Kubernetes resource or Camel URI). + properties: + dataTypes: + additionalProperties: + description: DataTypeReference references to the specification + of a data type by its scheme and format name. + properties: + format: + description: the data type format name + type: string + scheme: + description: the data type component scheme + type: string + type: object + description: DataTypes defines the data type of the data produced/consumed + by the endpoint and references a given data type specification. + type: object + properties: + description: Properties are a key value representation of endpoint + properties + type: object + x-kubernetes-preserve-unknown-fields: true + ref: + description: Ref can be used to declare a Kubernetes resource + as source/sink endpoint + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to have some well-defined way of + referencing a part of an object. + TODO: this design is not final and this field is subject to change in the future. + type: string + kind: + description: |- + Kind of the referent. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + namespace: + description: |- + Namespace of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ + type: string + resourceVersion: + description: |- + Specific resourceVersion to which this reference is made, if any. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency + type: string + uid: + description: |- + UID of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids + type: string + type: object + x-kubernetes-map-type: atomic + uri: + description: URI can be used to specify the (Camel) endpoint + explicitly + type: string + type: object + type: array + type: object + status: + description: the status of a Pipe + properties: + conditions: + description: Conditions -- + items: + description: PipeCondition describes the state of a resource at + a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + lastUpdateTime: + description: The last time this condition was updated. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + pods: + description: Pods collect health and conditions information + from the owned PODs + items: + properties: + condition: + description: PodCondition contains details for the current + condition of this pod. + properties: + lastProbeTime: + description: Last time we probed the condition. + format: date-time + type: string + lastTransitionTime: + description: Last time the condition transitioned + from one status to another. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for + the condition's last transition. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions + type: string + required: + - status + - type + type: object + health: + items: + properties: + data: + description: |- + RawMessage is a raw encoded JSON value. + It implements Marshaler and Unmarshaler and can + be used to delay JSON decoding or precompute a JSON encoding. + x-kubernetes-preserve-unknown-fields: true + name: + type: string + status: + type: string + type: object + type: array + name: + type: string + required: + - condition + type: object + type: array + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of pipe condition. + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + description: ObservedGeneration is the most recent generation observed + for this Pipe. + format: int64 + type: integer + phase: + description: Phase -- + type: string + replicas: + description: Replicas is the number of actual replicas of the pipe + format: int32 + type: integer + selector: + description: Selector allows to identify pods belonging to the pipe + type: string + type: object + type: object + served: true + storage: true + subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/camel-k/2.5.0/metadata/annotations.yaml b/operators/camel-k/2.5.0/metadata/annotations.yaml new file mode 100644 index 00000000000..5dcad2c0233 --- /dev/null +++ b/operators/camel-k/2.5.0/metadata/annotations.yaml @@ -0,0 +1,16 @@ +annotations: + # Core bundle annotations. + operators.operatorframework.io.bundle.mediatype.v1: registry+v1 + operators.operatorframework.io.bundle.manifests.v1: manifests/ + operators.operatorframework.io.bundle.metadata.v1: metadata/ + operators.operatorframework.io.bundle.package.v1: camel-k + operators.operatorframework.io.bundle.channels.v1: stable-v2,latest + operators.operatorframework.io.bundle.channel.default.v1: stable-v2 + operators.operatorframework.io.metrics.builder: operator-sdk-v1.30.0 + operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 + operators.operatorframework.io.metrics.project_layout: go.kubebuilder.io/v2 + + # Annotations for testing. + operators.operatorframework.io.test.mediatype.v1: scorecard+v1 + operators.operatorframework.io.test.config.v1: tests/scorecard/ + com.redhat.openshift.versions: v4.14 diff --git a/operators/camel-k/2.5.0/tests/scorecard/config.yaml b/operators/camel-k/2.5.0/tests/scorecard/config.yaml new file mode 100644 index 00000000000..e9b7568adf1 --- /dev/null +++ b/operators/camel-k/2.5.0/tests/scorecard/config.yaml @@ -0,0 +1,40 @@ +apiVersion: scorecard.operatorframework.io/v1alpha3 +kind: Configuration +metadata: + name: config +stages: +- parallel: true + tests: + - entrypoint: + - scorecard-test + - basic-check-spec + image: quay.io/operator-framework/scorecard-test:master + labels: + suite: basic + test: basic-check-spec-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-bundle-validation + image: quay.io/operator-framework/scorecard-test:master + labels: + suite: olm + test: olm-bundle-validation-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-crds-have-validation + image: quay.io/operator-framework/scorecard-test:master + labels: + suite: olm + test: olm-crds-have-validation-test + storage: + spec: + mountPath: {} +storage: + spec: + mountPath: {}